http: http_nonce_exists - fix possible string overflow - coverity

tvheadend · May 23, 2016 · 86e1f02 · 86e1f02
1 parent ce8d357
commit 86e1f02
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/src/http.c b/src/http.c
@@ -280,7 +280,8 @@ http_nonce_exists(const char *nonce)
 
   if (nonce == NULL)
     return 0;
-  strcpy(tmp.nonce, nonce);
+  strncpy(tmp.nonce, nonce, sizeof(tmp.nonce)-1);
+  tmp.nonce[sizeof(tmp.nonce)-1] = '\0';
   pthread_mutex_lock(&global_lock);
   n = RB_FIND(&http_nonces, &tmp, link, http_nonce_cmp);
   if (n) {