From 5e4db62662a40fd73c911218a79bb984dc169b18 Mon Sep 17 00:00:00 2001
From: Lukas Fleischer <calcurse@cryptocrack.de>
Date: Fri, 11 Nov 2011 12:00:57 +0100
Subject: src/io.c: Avoid use of memcpy()

Use strncpy() and a proper limit, which ensures we never read more
characters than the buffer can hold. Also, ensure we always
null-terminate strings here.

Signed-off-by: Lukas Fleischer <calcurse@cryptocrack.de>
---
 src/io.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'src/io.c')

diff --git a/src/io.c b/src/io.c
index 9dcc784..b944373 100644
--- a/src/io.c
+++ b/src/io.c
@@ -2410,7 +2410,8 @@ ical_read_event (FILE *fdi, FILE *log, unsigned *noevents, unsigned *noapoints,
   skip_alarm = 0;
   while (ical_readline (fdi, buf, lstore, lineno))
     {
-      memcpy (buf_upper, buf, strlen (buf));
+      strncpy (buf_upper, buf, BUFSIZ);
+      buf_upper[BUFSIZ - 1] = '\0';
       str_toupper (buf_upper);
 
       if (skip_alarm)
@@ -2594,7 +2595,8 @@ ical_read_todo (FILE *fdi, FILE *log, unsigned *notodos, unsigned *noskipped,
   skip_alarm = 0;
   while (ical_readline (fdi, buf, lstore, lineno))
     {
-      memcpy (buf_upper, buf, strlen (buf));
+      strncpy (buf_upper, buf, BUFSIZ);
+      buf_upper[BUFSIZ - 1] = '\0';
       str_toupper (buf_upper);
       if (skip_alarm)
         {
-- 
cgit v1.2.3-54-g00ecf