Skip to content
Permalink
Browse files

[Security] Use 'g_strlcpy' instead of 'strcpy'

to avoid warnings with Clang Analyzer
  • Loading branch information...
sc0w committed Feb 23, 2019
1 parent 4ed829a commit fede3677725c71920288dfa9a6acdd0230e6c68b
Showing with 4 additions and 4 deletions.
  1. +3 −3 libcaja-private/caja-file-operations.c
  2. +1 −1 src/caja-sidebar-title.c
@@ -6545,10 +6545,10 @@ mark_desktop_file_trusted (CommonJob *common,
}

if (!g_str_has_prefix (contents, "#!")) {
new_length = length + strlen (TRUSTED_SHEBANG);
new_contents = g_malloc (new_length);
new_length = length + strlen (TRUSTED_SHEBANG) + 1;
new_contents = g_malloc0 (new_length);

strcpy (new_contents, TRUSTED_SHEBANG);
g_strlcpy (new_contents, TRUSTED_SHEBANG, new_length);
memcpy (new_contents + strlen (TRUSTED_SHEBANG),
contents, length);

@@ -433,7 +433,7 @@ override_title_font (GtkWidget *widget,
g_strreverse (tempsize);

gchar tempfont [strlen (font)];
strcpy (tempfont, font);
g_strlcpy (tempfont, font, sizeof (tempfont));
tempfont [strlen (font) - strlen (tempsize)] = 0;

css = g_strdup_printf ("label { font-family: %s; font-size: %spt; }", tempfont, tempsize);

0 comments on commit fede367

Please sign in to comment.
You can’t perform that action at this time.