From a9df8ccbd331e21bcbccf3abc65abe730d6f0489 Mon Sep 17 00:00:00 2001
From: Santosh Kumar Pradhan <spradhan@redhat.com>
Date: Wed, 14 May 2014 11:28:15 +0530
Subject: libglusterfs: Use strncpy() instead of strcpy()

Use secure strncpy() to copy the input data to static buffer
and make sure to NULL terminate the copied buffer (if source
buffer is longer than static buffer).

Change-Id: If3564f1398c8eb92669d4bc92700bbdf6ee2278e
BUG: 1097417
Signed-off-by: Santosh Kumar Pradhan <spradhan@redhat.com>
Reviewed-on: http://review.gluster.org/7759
Reviewed-by: Humble Devassy Chirammal <humble.devassy@gmail.com>
Reviewed-by: Anand Avati <avati@redhat.com>
Tested-by: Anand Avati <avati@redhat.com>
---
 libglusterfs/src/common-utils.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'libglusterfs/src')

diff --git a/libglusterfs/src/common-utils.c b/libglusterfs/src/common-utils.c
index 0ba803dcd80..9fe1b6a4463 100644
--- a/libglusterfs/src/common-utils.c
+++ b/libglusterfs/src/common-utils.c
@@ -80,7 +80,9 @@ mkdir_p (char *path, mode_t mode, gf_boolean_t allow_symlinks)
         char            dir[PATH_MAX]   = {0,};
         struct stat     stbuf           = {0,};
 
-        strcpy (dir, path);
+        strncpy (dir, path, (PATH_MAX - 1));
+        dir[PATH_MAX - 1] = '\0';
+
         i = (dir[0] == '/')? 1: 0;
         do {
                 if (path[i] != '/' && path[i] != '\0')
-- 
cgit