From 5f9de6bb89e0222c6d95d0f504ccd98464c2e910 Mon Sep 17 00:00:00 2001
From: Renaud Fivet
Date: Mon, 16 Mar 2015 13:24:08 +0800
Subject: [PATCH] CID 39925: Missing size check on buffer name when creating a new buffer.

---
 buffer.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/buffer.c b/buffer.c
index 341e6d4..a9e0ce4 100644
--- a/buffer.c
+++ b/buffer.c
@@ -528,8 +528,9 @@ struct buffer *bfind( const char *bname, int cflag, int bflag)
 bp->b_mode = gmode;
 bp->b_nwnd = 0;
 bp->b_linep = lp;
- strcpy(bp->b_fname, "");
- strcpy(bp->b_bname, bname);
+ bp->b_fname[ 0] = '\0' ;
+ strncpy( bp->b_bname, bname, sizeof( bname_t) - 1) ;
+ bp->b_bname[ sizeof( bname_t) - 1] = '\0' ;
 #if CRYPT
 bp->b_key[0] = 0;
 #endif
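Review bot: The new `strncpy` on the b_bname line bounds the copy at `sizeof( bname_t) - 1` and terminates it, which closes the overflow, but a name longer than that is now silently truncated, so a later lookup by the full name may miss the buffer just created and allocate a second one; whether the compare loop earlier in bfind tolerates this cannot be seen from the hunk. If callers already handle a NULL return from this function (it allocates, so presumably they do), rejecting over-long names before the copy is cheaper than a silent mismatch: `if (strlen(bname) >= sizeof bp->b_bname) return NULL;`, placed so that the freshly allocated buffer is released on that path. Taking the bound from the field itself, `sizeof bp->b_bname`, rather than from the `bname_t` typedef keeps the copy length and the array size from drifting apart if the field's type ever changes. bfind's body starts and ends outside this hunk.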