Skip to content

Commit

Permalink
[Security] Use 'g_strlcpy' instead of 'strcpy'
Browse files Browse the repository at this point in the history
to avoid warnings with Clang Analyzer
  • Loading branch information
sc0w committed Mar 5, 2019
1 parent 4ed829a commit fede367
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
6 changes: 3 additions & 3 deletions libcaja-private/caja-file-operations.c
Expand Up @@ -6545,10 +6545,10 @@ mark_desktop_file_trusted (CommonJob *common,
}

if (!g_str_has_prefix (contents, "#!")) {
new_length = length + strlen (TRUSTED_SHEBANG);
new_contents = g_malloc (new_length);
new_length = length + strlen (TRUSTED_SHEBANG) + 1;
new_contents = g_malloc0 (new_length);

strcpy (new_contents, TRUSTED_SHEBANG);
g_strlcpy (new_contents, TRUSTED_SHEBANG, new_length);
memcpy (new_contents + strlen (TRUSTED_SHEBANG),
contents, length);

Expand Down
2 changes: 1 addition & 1 deletion src/caja-sidebar-title.c
Expand Up @@ -433,7 +433,7 @@ override_title_font (GtkWidget *widget,
g_strreverse (tempsize);

gchar tempfont [strlen (font)];
strcpy (tempfont, font);
g_strlcpy (tempfont, font, sizeof (tempfont));
tempfont [strlen (font) - strlen (tempsize)] = 0;

css = g_strdup_printf ("label { font-family: %s; font-size: %spt; }", tempfont, tempsize);
Expand Down

0 comments on commit fede367

Please sign in to comment.