From 120f434967f069dace3aeab9a547b62b127d2c04 Mon Sep 17 00:00:00 2001
From: Lukas Fleischer <calcurse@cryptocrack.de>
Date: Fri, 11 Nov 2011 12:12:58 +0100
Subject: src/io.c: Null-terminate the ical_readline() buffer

Ensure we always return with a null-terminated buffer, even if we read
more than BUFSIZ characters.

Signed-off-by: Lukas Fleischer <calcurse@cryptocrack.de>
---
 src/io.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src')

diff --git a/src/io.c b/src/io.c
index 22f8719..9dcc784 100644
--- a/src/io.c
+++ b/src/io.c
@@ -1896,6 +1896,7 @@ ical_readline (FILE *fdi, char *buf, char *lstore, unsigned *ln)
       if (*lstore != SPACE && *lstore != TAB)
         break;
       strncat (buf, lstore + 1, BUFSIZ);
+      buf[BUFSIZ - 1] = '\0';
       (*ln)++;
     }
 
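Review bot: The added `buf[BUFSIZ - 1] = '\0';` does not bound the `strncat` call on the line above it. The third argument of strncat limits how many characters are taken from the source, not the size of the destination, and strncat always writes its own terminator after what it appends. If `buf` holds BUFSIZ bytes, as the commit message suggests (its declaration is outside the hunk), folded continuation lines can still be appended past the end of the buffer before the new line runs. The limit should be the space that remains, `strncat (buf, lstore + 1, BUFSIZ - strlen (buf) - 1);`, which also makes the explicit terminator redundant. The loop and the rest of ical_readline continue outside the hunk.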
-- 
cgit v1.2.3-70-g09d2


From 5e4db62662a40fd73c911218a79bb984dc169b18 Mon Sep 17 00:00:00 2001
From: Lukas Fleischer <calcurse@cryptocrack.de>
Date: Fri, 11 Nov 2011 12:00:57 +0100
Subject: src/io.c: Avoid use of memcpy()

Use strncpy() and a proper limit, which ensures we never read more
characters than the buffer can hold. Also, ensure we always
null-terminate strings here.

Signed-off-by: Lukas Fleischer <calcurse@cryptocrack.de>
---
 src/io.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/io.c b/src/io.c
index 9dcc784..b944373 100644
--- a/src/io.c
+++ b/src/io.c
@@ -2410,7 +2410,8 @@ ical_read_event (FILE *fdi, FILE *log, unsigned *noevents, unsigned *noapoints,
   skip_alarm = 0;
   while (ical_readline (fdi, buf, lstore, lineno))
     {
-      memcpy (buf_upper, buf, strlen (buf));
+      strncpy (buf_upper, buf, BUFSIZ);
+      buf_upper[BUFSIZ - 1] = '\0';
       str_toupper (buf_upper);
 
       if (skip_alarm)
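Review bot: The limit in `strncpy (buf_upper, buf, BUFSIZ);` is safe only if `buf_upper` is at least BUFSIZ bytes, and its declaration is outside the hunk, so that cannot be confirmed here; the same two lines are added in the ical_read_todo hunk. If `buf_upper` is a local array, deriving the bound from the destination keeps the copy correct should the declaration change: `snprintf (buf_upper, sizeof buf_upper, "%s", buf);`. That form also terminates the string without the extra assignment and avoids strncpy zero-filling the rest of the buffer on every loop iteration. Both loop bodies continue outside their hunks.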
@@ -2594,7 +2595,8 @@ ical_read_todo (FILE *fdi, FILE *log, unsigned *notodos, unsigned *noskipped,
   skip_alarm = 0;
   while (ical_readline (fdi, buf, lstore, lineno))
     {
-      memcpy (buf_upper, buf, strlen (buf));
+      strncpy (buf_upper, buf, BUFSIZ);
+      buf_upper[BUFSIZ - 1] = '\0';
       str_toupper (buf_upper);
       if (skip_alarm)
         {
-- 
cgit v1.2.3-70-g09d2