From 3c5412f72879bbce72bfbc7190acd9e5d16d3b46 Mon Sep 17 00:00:00 2001 From: "Carsten Haitzler (Rasterman)" Date: Mon, 1 Sep 2014 18:23:56 +0900 Subject: [PATCH] evas - generic loaders - fix possible string overflow on decoders fixes CID 1039580 --- .../loaders/generic/evas_image_load_generic.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/src/modules/evas/loaders/generic/evas_image_load_generic.c b/src/modules/evas/loaders/generic/evas_image_load_generic.c index 6f00a6846b..22d0acde27 100644 --- a/src/modules/evas/loaders/generic/evas_image_load_generic.c +++ b/src/modules/evas/loaders/generic/evas_image_load_generic.c @@ -151,18 +151,21 @@ _load(Eina_File *ef, const char *key, // double extn not too long if (((end - dot2) <= 10) && (!illegal_char(dot2))) { - strcpy(&(decoders[decoders_num][0]), img_loader); + strncpy(&(decoders[decoders_num][0]), img_loader, 127); + decoders[decoders_num][127] = 0; dotcat(&(decoders[decoders_num][0]), dot2); decoders_num++; } // single extn not too long if (((end - dot1) <= 5) && (!illegal_char(dot1))) { - strcpy(&(decoders[decoders_num][0]), img_loader); + strncpy(&(decoders[decoders_num][0]), img_loader, 127); + decoders[decoders_num][127] = 0; dotcat(&(decoders[decoders_num][0]), dot1); decoders_num++; } - strcpy(decoders[decoders_num], img_loader); + strncpy(decoders[decoders_num], img_loader, 127); + decoders[decoders_num][127] = 0; decoders_num++; } else if (dot1) @@ -174,12 +177,14 @@ _load(Eina_File *ef, const char *key, dotcat(&(decoders[decoders_num][0]), dot1); decoders_num++; } - strcpy(decoders[decoders_num], img_loader); + strncpy(decoders[decoders_num], img_loader, 127); + decoders[decoders_num][127] = 0; decoders_num++; } else { - strcpy(decoders[decoders_num], img_loader); + strncpy(decoders[decoders_num], img_loader, 127); + decoders[decoders_num][127] = 0; decoders_num++; }