Corrected pathname buffer size handling in the dpp utility.

This resolves CID 66412 (Buffer not null terminated). Note, however, that BUFSIZ should probably be PATH_MAX instead.
2025-12-06 02:40:26 -08:00 · 2014-10-14 22:13:13 +00:00 · 2014-10-14 22:13:13 +00:00 · ba3d8d907d
commit ba3d8d907d
parent e13c07bd4a
1 changed files with 5 additions and 3 deletions
--- a/src/c/dpp.c
+++ b/src/c/dpp.c
@ -904,7 +904,8 @@ main(int argc, char **argv)
 	  strcpy(filename, "-");
 	} else {
 	  in = fopen(argv[1],"r");
-	  strncpy(filename, argv[1], BUFSIZ);
+	  strncpy(filename, argv[1], BUFSIZ-1);
+	  filename[BUFSIZ-1] = '\0';
 	}
 #ifdef _MSC_VER
 	/* Convert all backslashes in filename into slashes,
@ -916,10 +917,11 @@ main(int argc, char **argv)
 #endif
 	if (argc < 3 || !strcmp(argv[2],"-")) {
 	  out = stdout;
-	  strncpy(outfile, "-", BUFSIZ);
+	  strcpy(outfile, "-");
 	} else {
 	  out = fopen(argv[2],"w");
-	  strncpy(outfile, argv[2], BUFSIZ);
+	  strncpy(outfile, argv[2], BUFSIZ-1);
+	  outfile[BUFSIZ-1] = '\0';
 	}
 	if (in == NULL)
 		error("can't open input file");