author | Moonhee Choi <mh0310.choi@samsung.com> | 2017-04-12 15:32:06 +0900 |
---|---|---|
committer | Moonhee Choi <mh0310.choi@samsung.com> | 2017-04-18 16:25:50 +0900 |
commit | 90aea65d9219091b3519399301d5bc3517e56276 (patch) | |
tree | 97008bd0fdc2f8c0052a565f701c3128a85a1792 /src/cairo-cff-subset.c | |
parent | 723af0fec73d94e54a2223a8f1dd039bb215b10e (diff) | |
Fix Svace issue & Memory leak
- # of Svace : 39967 related to strcpy (Secure issue)
Change-Id: I8e9092986331fa64d08ca0ff2f5979d94b70a203
Signed-off-by: Moonhee Choi <mh0310.choi@samsung.com>
Diffstat (limited to 'src/cairo-cff-subset.c')
-rw-r--r-- | src/cairo-cff-subset.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/cairo-cff-subset.c b/src/cairo-cff-subset.c
index da49e8e1e..ca1437e46 100644
--- a/src/cairo-cff-subset.c
+++ b/src/cairo-cff-subset.c
@@ -51,6 +51,7 @@
 #include "cairo-scaled-font-subsets-private.h"
 #include "cairo-truetype-subset-private.h"
+#include <stdio.h>
 #include <string.h>
 #include <locale.h>
@@ -331,7 +332,12 @@ decode_real (unsigned char *p, double *real)
 buf = buffer2 + (q - buffer);
 strncpy (buf, decimal_point, decimal_point_len);
 buf += decimal_point_len;
- strcpy (buf, q + 1);
+
+ //(2017.04.17) Since securitY issue, replace strcpy to strncpy.
+ //strcpy (buf, q + 1);
+ strncpy (buf, q + 1, (buffer + sizeof(buffer)/sizeof(buffer[0])) - (q + 1));
+ //same as strncpy (buf, q + 1, 100 - (q + 1));
+
 buf = buffer2;
 } |
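Review bot: The new strncpy bound in decode_real is computed from the source array (`(buffer + sizeof(buffer)/sizeof(buffer[0])) - (q + 1)`), not from the space left in the destination `buffer2`, so the call satisfies the analyzer without tying the write to the destination's capacity. strncpy also zero-pads up to the full count and leaves the result unterminated when the source has no NUL inside the bound. Assuming `buffer2` is a local array (its declaration, like the rest of decode_real, is outside the hunk), a destination-bounded copy such as `snprintf (buf, buffer2 + sizeof (buffer2) - buf, "%s", q + 1);` always terminates and would make use of the `<stdio.h>` include added in the first hunk. The commented-out `strcpy` and the `//same as ... 100 - (q + 1)` line should be dropped; the latter subtracts a pointer from an integer and does not describe the real expression.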