Replaced unsafe strcpy(buf, p) calls with bounded strncpy(buf, p, sizeof(buf)-1) followed by explicit NULL-termination. This change ensures that the UTF-8 result from stringprep_locale_to_utf8 cannot overflow the fixed-size buf array.
Signed-off-by: Mingjie Shen [email protected]<mailto:[email protected]> --- examples/example.c | 3 ++- examples/example5.c | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/examples/example.c b/examples/example.c index 4c322f05..b37ad3d0 100644 --- a/examples/example.c +++ b/examples/example.c @@ -61,7 +61,8 @@ main (void) p = stringprep_locale_to_utf8 (buf); if (p) { - strcpy (buf, p); + strncpy (buf, p, sizeof (buf) - 1); + buf[sizeof (buf) - 1] = '\0'; free (p); } else diff --git a/examples/example5.c b/examples/example5.c index 3f2d7533..97265d55 100644 --- a/examples/example5.c +++ b/examples/example5.c @@ -74,7 +74,8 @@ main (void) p = stringprep_locale_to_utf8 (buf); if (p) { - strcpy (buf, p); + strncpy (buf, p, sizeof (buf) - 1); + buf[sizeof (buf) - 1] = '\0'; free (p); } else -- 2.25.1
0001-Prevent-buffer-overflow-in-example-programs.patch
Description: 0001-Prevent-buffer-overflow-in-example-programs.patch
