forked from enlightenment/enlightenment
Use strncpy instead of strcpy
Even though a user has to be stupid to trigger this, strncpy should be used if not to much hassle :)
This commit is contained in:
parent
7542ddef4c
commit
0c4131d1be
|
@ -163,19 +163,19 @@ e_util_head_exec(int head, const char *cmd)
|
|||
/* yes it could overflow... but who will overflow DISPLAY eh? why? to
|
||||
* "exploit" your own applications running as you?
|
||||
*/
|
||||
strcpy(buf, penv_display);
|
||||
strncpy(buf, penv_display, sizeof(buf));
|
||||
buf[p2 - penv_display + 1] = 0;
|
||||
snprintf(buf2, sizeof(buf2), "%i", head);
|
||||
strcat(buf, buf2);
|
||||
}
|
||||
else if (p1) /* "blah:x */
|
||||
{
|
||||
strcpy(buf, penv_display);
|
||||
strncpy(buf, penv_display, sizeof(buf));
|
||||
snprintf(buf2, sizeof(buf2), ".%i", head);
|
||||
strcat(buf, buf2);
|
||||
}
|
||||
else
|
||||
strcpy(buf, penv_display);
|
||||
strncpy(buf, penv_display, sizeof(buf));
|
||||
|
||||
ok = 1;
|
||||
exe = ecore_exe_run(cmd, NULL);
|
||||
|
|
Loading…
Reference in New Issue