mirror of
https://git.kernel.org/pub/scm/network/wireless/iwd.git
synced 2024-12-22 21:22:37 +01:00
util: add bounds check to util_get_{domain,username}
Replace uses of strcpy by the safer l_strlcpy. Note that both of these functions can only be called with a buffer of max 253 bytes (the identity string), so this is purely a precautionary measure.
This commit is contained in:
parent
65f279dc1e
commit
34560120f9
@ -176,7 +176,7 @@ const char *util_get_domain(const char *identity)
|
|||||||
memcpy(domain, identity, c - identity);
|
memcpy(domain, identity, c - identity);
|
||||||
return domain;
|
return domain;
|
||||||
case '@':
|
case '@':
|
||||||
strcpy(domain, c + 1);
|
l_strlcpy(domain, c + 1, sizeof(domain));
|
||||||
return domain;
|
return domain;
|
||||||
default:
|
default:
|
||||||
continue;
|
continue;
|
||||||
@ -197,7 +197,7 @@ const char *util_get_username(const char *identity)
|
|||||||
for (c = identity; *c; c++) {
|
for (c = identity; *c; c++) {
|
||||||
switch (*c) {
|
switch (*c) {
|
||||||
case '\\':
|
case '\\':
|
||||||
strcpy(username, c + 1);
|
l_strlcpy(username, c + 1, sizeof(username));
|
||||||
return username;
|
return username;
|
||||||
case '@':
|
case '@':
|
||||||
memcpy(username, identity, c - identity);
|
memcpy(username, identity, c - identity);
|
||||||
|
Loading…
Reference in New Issue
Block a user