This shouldn't overflow, as we are copying a sha1 hex into a
41-byte buffer. But it does not hurt to use a bound-checking
function, which protects us and makes auditing for overflows
easier.
Signed-off-by: Jeff King <peff@xxxxxxxx>
---
These strcpy calls go away in jc/rerere-multi, so I was holding onto
this to see if that graduated. But since that is stalled, I figured it
cannot hurt to post (and the conflict resolution is obviously trivial).
With this and the previous patch, it makes our code base strcpy free.
Yay.
rerere.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/rerere.c b/rerere.c
index 403c700..587b7e2 100644
--- a/rerere.c
+++ b/rerere.c
@@ -48,7 +48,7 @@ static int has_rerere_resolution(const struct rerere_id *id)
static struct rerere_id *new_rerere_id_hex(char *hex)
{
struct rerere_id *id = xmalloc(sizeof(*id));
- strcpy(id->hex, hex);
+ xsnprintf(id->hex, sizeof(id->hex), "%s", hex);
return id;
}
@@ -904,7 +904,7 @@ int rerere_forget(struct pathspec *pathspec)
static struct rerere_id *dirname_to_id(const char *name)
{
static struct rerere_id id;
- strcpy(id.hex, name);
+ xsnprintf(id.hex, sizeof(id.hex), "%s", name);
return &id;
}
--
2.7.1.526.gd04f550
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html