Permalink
Browse files

Replace `strlcpy` with `strncpy` in `msIO_stripStdoutBufferContentTyp…

…e()`

The use of `strlcpy` was producing *uninitialised value* errors in
valgrind.  It appears this was due to the fact that `strlcpy` expects
the source string to be null terminated which is not always the case
in this context.
  • Loading branch information...
1 parent dc3915d commit 70a8c298edb84245321bd0080e21363ecc9a2fb3 @homme homme committed with tbonfort Jun 26, 2013
Showing with 5 additions and 2 deletions.
  1. +5 −2 mapio.c
View
@@ -809,10 +809,13 @@ char *msIO_stripStdoutBufferContentType()
}
/* -------------------------------------------------------------------- */
- /* Copy out content type. */
+ /* Copy out content type. Note we go against the coding guidelines */
+ /* here and use strncpy() instead of strlcpy() as the source */
+ /* buffer may not be NULL terminated - strlcpy() requires NULL */
+ /* terminated sources (see issue #4672). */
/* -------------------------------------------------------------------- */
content_type = (char *) malloc(end_of_ct-14+2);
- strlcpy( content_type, (const char *) buf->data + 14, end_of_ct - 14 + 2);
+ strncpy( content_type, (const char *) buf->data + 14, end_of_ct - 14 + 2);
content_type[end_of_ct-14+1] = '\0';
/* -------------------------------------------------------------------- */

0 comments on commit 70a8c29

Please sign in to comment.