Skip to content


[Security] test-ditem: Use 'g_strlcat' instead of 'strcat'
Browse files Browse the repository at this point in the history
Fixes Clang static analyzer warning:

test-ditem.c:94:2: warning: Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcat'. CWE-119
        strcat (path, "/foo.desktop");
  • Loading branch information
sc0w committed Mar 17, 2019
1 parent 82f424e commit 3233410
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion libmate-desktop/test-ditem.c
Expand Up @@ -91,7 +91,7 @@ test_ditem (const char *file)
"Neu gesetzt!");

getcwd (path, 255 - strlen ("/foo.desktop"));
strcat (path, "/foo.desktop");
g_strlcat (path, "/foo.desktop", sizeof (path));

g_print ("Saving to foo.desktop\n");
uri = g_filename_to_uri (path, NULL, NULL);
Expand Down

0 comments on commit 3233410

Please sign in to comment.