From: Arun Persaud Date: Sat, 25 Sep 2010 04:10:28 +0000 (-0700) Subject: security fix: replaced some strcat with strncat X-Git-Url: http://winboard.nl/cgi-bin?a=commitdiff_plain;h=07212f7d822ece008518a1be189444a43abbba7a;p=xboard.git security fix: replaced some strcat with strncat there is still more to do --- diff --git a/xboard.c b/xboard.c index 3d62a69..abf3c26 100644 --- a/xboard.c +++ b/xboard.c @@ -1585,6 +1585,7 @@ void PopUpStartupDialog() { // start menu not implemented in XBoard } + char * ConvertToLine(int argc, char **argv) { @@ -1592,15 +1593,17 @@ ConvertToLine(int argc, char **argv) int i; line[0] = NULLCHAR; - for(i=1; iname != NULL) { safeStrCpy(menuName, "menu", sizeof(menuName)/sizeof(menuName[0]) ); - strcat(menuName, mb->name); + strncat(menuName, mb->name, MSG_SIZ - strlen(menuName) - 1); j = 0; XtSetArg(args[j], XtNmenuName, XtNewString(menuName)); j++; if (tinyLayout) { @@ -7274,9 +7278,9 @@ void AskQuestionReplyAction(w, event, prms, nprms) reply = XawDialogGetValueString(w = XtParent(w)); safeStrCpy(buf, pendingReplyPrefix, sizeof(buf)/sizeof(buf[0]) ); - if (*buf) strcat(buf, " "); - strcat(buf, reply); - strcat(buf, "\n"); + if (*buf) strncat(buf, " ", MSG_SIZ - strlen(buf) - 1); + strncat(buf, reply, MSG_SIZ - strlen(buf) - 1); + strncat(buf, "\n", MSG_SIZ - strlen(buf) - 1); OutputToProcess(pendingReplyPR, buf, strlen(buf), &err); AskQuestionPopDown();