[PATCH] acpi: syntaxcheck: strcpy should be replaced with strncpy (LP: #1205215)
Colin King
colin.king at canonical.com
Fri Jul 26 09:38:00 UTC 2013
From: Colin Ian King <colin.king at canonical.com>
Coverity Scan complaining about a strcpy(). Although the buffer is currently
bug enough, it may not be in the future, so use strncpy() to avoid buffer
overflow.
CID null (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW)2.
Signed-off-by: Colin Ian King <colin.king at canonical.com>
---
src/acpi/syntaxcheck/syntaxcheck.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/acpi/syntaxcheck/syntaxcheck.c b/src/acpi/syntaxcheck/syntaxcheck.c
index 4b00480..55bcc7e 100644
--- a/src/acpi/syntaxcheck/syntaxcheck.c
+++ b/src/acpi/syntaxcheck/syntaxcheck.c
@@ -269,7 +269,8 @@ static const char *syntaxcheck_error_level(uint32_t error_code)
return "Unknown";
/* AslErrorLevel strings are end-space padded, so strip off end spaces if any */
- strcpy(buf, AslErrorLevel[error_level]);
+ strncpy(buf, AslErrorLevel[error_level], sizeof(buf));
+ buf[sizeof(buf) -1] = '\0';
ptr = strchr(buf, ' ');
if (ptr)
*ptr = '\0';
--
1.8.1.2
More information about the fwts-devel
mailing list