From 593b2c6266909658bae1916173e2831ad1384acc Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Sun, 21 Apr 2019 18:20:16 +0200 Subject: [PATCH] respondd: fix incorrect use of strncpy Fortunately, the destination buffer is always big enough, so no buffer overflow can happen. Use memcpy instead of strncpy to make this explicit (and slightly more efficient). --- net/respondd/src/respondd.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/respondd/src/respondd.c b/net/respondd/src/respondd.c index 11391ed..38964fd 100644 --- a/net/respondd/src/respondd.c +++ b/net/respondd/src/respondd.c @@ -612,9 +612,9 @@ static void accept_request(struct request_schedule *schedule, int sock, } struct request_task *new_task = malloc(sizeof(*new_task)); + // input_bytes cannot be greater than REQUEST_MAXLEN-1 + memcpy(new_task->request, input, input_bytes + 1); new_task->scheduled_time = 0; - strncpy(new_task->request, input, input_bytes + 1); - new_task->request[input_bytes] = 0; new_task->client_addr = addr; bool is_scheduled;