CID 39925: Missing size check on buffer name when creating a new buffer.

2024-12-18 15:26:23 -05:00 · 2015-03-16 13:24:08 +08:00 · 2015-03-16 13:24:08 +08:00 · 5f9de6bb89
commit 5f9de6bb89
parent d56b3af45a
1 changed files with 3 additions and 2 deletions
--- a/buffer.c
+++ b/buffer.c
@ -528,8 +528,9 @@ struct buffer *bfind( const char *bname, int cflag, int bflag)
 		bp->b_mode = gmode;
 		bp->b_nwnd = 0;
 		bp->b_linep = lp;
-		strcpy(bp->b_fname, "");
-		strcpy(bp->b_bname, bname);
+		bp->b_fname[ 0] = '\0' ;
+		strncpy( bp->b_bname, bname, sizeof( bname_t) - 1) ;
+		bp->b_bname[ sizeof( bname_t) - 1] = '\0' ;
 #if	CRYPT
 		bp->b_key[0] = 0;
 #endif