From 3f1cd5a59653046887d10a895c99e907fe659f49 Mon Sep 17 00:00:00 2001 From: James Prestwood Date: Mon, 8 Feb 2021 12:19:54 -0800 Subject: [PATCH] display: use l_strlcpy to avoid potential overflow If 'entry' exceeds the length of 'line' we could overflow. Instead use l_strlcpy and pass in the remaining amount of data left in the buffer. --- client/display.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/display.c b/client/display.c index 88bc913f..961ad419 100644 --- a/client/display.c +++ b/client/display.c @@ -419,7 +419,7 @@ static void display_completion_matches(char **matches, int num_matches, } entry = l_strdup_printf("%-*s ", max_length, matches[index]); - strcpy(&line[line_used], entry); + l_strlcpy(&line[line_used], entry, sizeof(line) - line_used); l_free(entry); line_used += max_length + 1;