authorMoonhee Choi <mh0310.choi@samsung.com>2017-04-18 00:40:15 +0900
committerMoonhee Choi <mh0310.choi@samsung.com>2017-04-18 15:46:23 +0900
commit536c48cb26cd6a7b755d0f11dc8053fe962ae089 (patch)
tree24fe887648db577efb4df8772184408c6f0cb80b
parent261a6449ac77c29228cc1bec96a680d9ee792d09 (diff)
Fix Svace Issue
- # of Svace : 39967 related to strcpy (secure issue) Change-Id: I29e0602f8806140bdb02e5198e9b9ece86ad0667 Signed-off-by: Moonhee Choi <mh0310.choi@samsung.com>
-rwxr-xr-xsrc/cairo-cff-subset.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/src/cairo-cff-subset.c b/src/cairo-cff-subset.c
index ed6909bc7..0e206f2d5 100755
--- a/src/cairo-cff-subset.c
+++ b/src/cairo-cff-subset.c
@@ -51,6 +51,7 @@
#include "cairo-scaled-font-subsets-private.h"
#include "cairo-truetype-subset-private.h"
+#include <stdio.h>
#include <string.h>
#include <locale.h>
@@ -331,7 +332,10 @@ decode_real (unsigned char *p, double *real)
buf = buffer2 + (q - buffer);
strncpy (buf, decimal_point, decimal_point_len);
buf += decimal_point_len;
- strcpy (buf, q + 1);
+ //(2017.04.17) Since secure issue, replace strcpy to strncpy
+ //strcpy (buf, q + 1);
+ strncpy (buf, q + 1, (buffer + sizeof(buffer)/sizeof(buffer[0])) - (q + 1));
+ //same as strncpy (buf, q + 1, (100 - (q + 1));
buf = buffer2;
}
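Review bot: The count passed to the new `strncpy` is the space left in the source array `buffer` after `q + 1`, not the space left in the destination `buf`, which points into `buffer2`, so the write is still not bounded by the destination's capacity. Because `strncpy` zero-pads up to the full count, it now always writes that many bytes where `strcpy` stopped at the terminator, and it leaves the result unterminated if no NUL is found within the count. Whether that fits depends on the size of `buffer2` and on `decimal_point_len`, both declared outside the hunk, so I would bound by the destination instead, e.g. `snprintf (buf, (size_t) (buffer2 + sizeof (buffer2) - buf), "%s", q + 1);` (assuming `buffer2` is an array in this scope), which always terminates and would also give the newly added `<stdio.h>` include a use. The trailing comment `(100 - (q + 1))` subtracts a pointer from an integer and has unbalanced parentheses; I would drop it together with the commented-out `strcpy` and the dated note, which belong in the commit message. decode_real starts and ends outside the hunk.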