Skip to content
Browse files
[Security] test-ditem: Use 'g_strlcat' instead of 'strcat'
Fixes Clang static analyzer warning:

test-ditem.c:94:2: warning: Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcat'. CWE-119
        strcat (path, "/foo.desktop");
  • Loading branch information
sc0w committed Mar 17, 2019
1 parent 82f424e commit 3233410b3a2c23ac6d05e9603787fce5b530e364
Showing with 1 addition and 1 deletion.
  1. +1 −1 libmate-desktop/test-ditem.c
@@ -91,7 +91,7 @@ test_ditem (const char *file)
"Neu gesetzt!");

getcwd (path, 255 - strlen ("/foo.desktop"));
strcat (path, "/foo.desktop");
g_strlcat (path, "/foo.desktop", sizeof (path));

g_print ("Saving to foo.desktop\n");
uri = g_filename_to_uri (path, NULL, NULL);

0 comments on commit 3233410

Please sign in to comment.