caps_str is passed from command line but copied into fixed-size buffer.
CID 229895.
---
src/evmctl.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/evmctl.c b/src/evmctl.c
index 39bc3d9..e07cff4 100644
--- a/src/evmctl.c
+++ b/src/evmctl.c
@@ -409,8 +409,9 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
} else if (!strcmp(*xattrname, XATTR_NAME_CAPS) && (hmac_flags & HMAC_FLAG_CAPS_SET)) {
if (!caps_str)
continue;
- strcpy(xattr_value, caps_str);
err = strlen(caps_str);
+ assert(err < sizeof(xattr_value));
+ strcpy(xattr_value, caps_str);
} else {
err = lgetxattr(file, *xattrname, xattr_value, sizeof(xattr_value));
if (err < 0) {
--
2.11.0
