ethumb - ensure buf is nul terminated

this SHOULD deal with CID 1039577 and CID 1039576
author: Carsten Haitzler (Rasterman) <raster@rasterman.com> 2013-12-13 18:41:03 +0900
committer: Carsten Haitzler (Rasterman) <raster@rasterman.com> 2013-12-13 21:26:05 +0900
commit: 75fbf9e03a4b163091f7cb4e1ddac26bc241f42b (patch)
tree: e1e3e4657cdd965f58331719412c7e11a2b0ab77
parent: a99bc8933140aa9aec1933ef691fe76f0079066b (diff)
1 files changed, 8 insertions, 3 deletions
diff --git a/src/lib/ethumb/ethumb.c b/src/lib/ethumb/ethumb.c
index 5104b0fae..f1c5466be 100644
--- a/src/lib/ethumb/ethumb.c
+++ b/src/lib/ethumb/ethumb.c
@@ -698,13 +698,17 @@ _ethumb_build_absolute_path(const char *path, char buf[PATH_MAX])
    p = buf;
 
    if (path[0] == '/')
-     strcpy(p, path);
+     {
+        strncpy(p, path, PATH_MAX - 1);
+        p[PATH_MAX - 1] = 0;
+     }
    else if (path[0] == '~')
      {
         const char *home = getenv("HOME");
         if (!home)
           return NULL;
-        strcpy(p, home);
+        strncpy(p, home, PATH_MAX - 1);
+        p[PATH_MAX - 1] = 0;
         len = strlen(p);
         p += len;
         p[0] = '/';
@@ -719,7 +723,8 @@ _ethumb_build_absolute_path(const char *path, char buf[PATH_MAX])
         p += len;
         p[0] = '/';
         p++;
-        strcpy(p, path);
+        strncpy(p, path, PATH_MAX - 1 - len - 1);
+        p[PATH_MAX - 1 - len - 1] = 0;
      }
 
    return buf;
author	Carsten Haitzler (Rasterman) <raster@rasterman.com>	2013-12-13 18:41:03 +0900
committer	Carsten Haitzler (Rasterman) <raster@rasterman.com>	2013-12-13 21:26:05 +0900
commit	75fbf9e03a4b163091f7cb4e1ddac26bc241f42b (patch)
tree	e1e3e4657cdd965f58331719412c7e11a2b0ab77
parent	a99bc8933140aa9aec1933ef691fe76f0079066b (diff)