Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Fix a buffer overflow by getting rid of all strcpy() calls #38
When compiling on OpenBSD, the linker produces a warning :
After reading the code, it appears there are no boundary checks being done, and setting TERM to a sufficiently long string and running nyancat afterwise triggers a buffer overflow.
OpenBSD linker suggests using strlcpy but it's not part of C99 and is not available on Linux systems, and strncpy should be avoided.
Here is a diff avoiding copying strings altogether and removing the two calls to strcpy().