[Spice-devel] [PATCH spice-server] red-stream-device: Fix "make syntax-check"
Frediano Ziglio
fziglio at redhat.com
Wed Jan 30 15:13:06 UTC 2019
Avoid using strncpy, considered not secure.
In this case a simple memcpy is used, we are going to terminate
the string in any case on the next line.
Signed-off-by: Frediano Ziglio <fziglio at redhat.com>
---
server/red-stream-device.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/server/red-stream-device.c b/server/red-stream-device.c
index 440b2689..2a210cc7 100644
--- a/server/red-stream-device.c
+++ b/server/red-stream-device.c
@@ -330,9 +330,9 @@ handle_msg_device_display_info(StreamDevice *dev, SpiceCharDeviceInstance *sin)
return true;
}
- strncpy(dev->device_display_info.device_address,
- (char*) display_info_msg->device_address,
- device_address_len);
+ memcpy(dev->device_display_info.device_address,
+ (char*) display_info_msg->device_address,
+ device_address_len);
// make sure the string is terminated
dev->device_display_info.device_address[device_address_len - 1] = '\0';
--
2.20.1
More information about the Spice-devel
mailing list