[Spice-commits] server/reds.cpp
GitLab Mirror
gitlab-mirror at kemper.freedesktop.org
Sun Sep 13 18:48:56 UTC 2020
server/reds.cpp | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
New commits:
commit 5223aeed322c9e30da919796233f203af5a19e37
Author: Frediano Ziglio <freddy77 at gmail.com>
Date: Fri Sep 11 09:49:48 2020 +0100
reds: Use g_strlcpy instead of strlen/strcpy
Some compilers could generate a warning, like
reds.cpp:2678:5: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(buf, pass);
^
Signed-off-by: Frediano Ziglio <freddy77 at gmail.com>
Acked-by: Jakub Janků <jjanku at redhat.com>
diff --git a/server/reds.cpp b/server/reds.cpp
index fb465c81..edbd09de 100644
--- a/server/reds.cpp
+++ b/server/reds.cpp
@@ -2671,12 +2671,12 @@ static int ssl_password_cb(char *buf, int size, int flags, void *userdata)
{
RedsState *reds = (RedsState*) userdata;
char *pass = reds->config->ssl_parameters.keyfile_password;
- if (size < strlen(pass) + 1) {
- return (0);
+ int len = g_strlcpy(buf, pass, size);
+ if (len >= size) {
+ return 0;
}
- strcpy(buf, pass);
- return (strlen(pass));
+ return len;
}
#if OPENSSL_VERSION_NUMBER < 0x1010000FL
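Review bot: On the truncation path (`len >= size`), `g_strlcpy(buf, pass, size)` has already copied a truncated prefix of the key file password into `buf` by the time the function returns 0, whereas the removed code compared `strlen(pass) + 1` against `size` first and left `buf` untouched on failure. If the caller should never see a partial password, keep the length check ahead of the copy or clear `buf` before `return 0`. Separately, `g_strlcpy` returns a `gsize`, so `int len = g_strlcpy(...)` is an implicit narrowing conversion; an explicit cast or a short comment would show that it is intentional.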