diff options
author | Jeesun Kim <iamjs.kim@samsung.com> | 2017-04-21 10:08:27 +0900 |
---|---|---|
committer | Jeesun Kim <iamjs.kim@samsung.com> | 2017-04-21 10:49:43 +0900 |
commit | a520ea40a18d81267d128ec5b2fb87d541558c72 (patch) | |
tree | 98ca6d742b5dc7ced56f94ac6d4219d49605d0e3 | |
parent | 2501964d6e676b9c1dd7e2aad4fb8840d1bf1f8c (diff) | |
download | email-service-a520ea40a18d81267d128ec5b2fb87d541558c72.tar.gz email-service-a520ea40a18d81267d128ec5b2fb87d541558c72.tar.bz2 email-service-a520ea40a18d81267d128ec5b2fb87d541558c72.zip |
fix security svace: strcpysubmit/tizen_3.0_common/20170511.082856submit/tizen_3.0/20170510.012602accepted/tizen/3.0/wearable/20170510.222411accepted/tizen/3.0/mobile/20170510.222406accepted/tizen/3.0/ivi/20170510.222416accepted/tizen/3.0/common/20170511.174314
Signed-off-by: Jeesun Kim <iamjs.kim@samsung.com>
Change-Id: I5cdf32284d126b2e8835f5b0dafdd888895e4730
-rwxr-xr-x | email-core/email-core-mm-callbacks.c | 4 | ||||
-rwxr-xr-x | email-core/email-core-utils.c | 2 |
2 files changed, 3 insertions, 3 deletions
diff --git a/email-core/email-core-mm-callbacks.c b/email-core/email-core-mm-callbacks.c index eef6494..8d9208b 100755 --- a/email-core/email-core-mm-callbacks.c +++ b/email-core/email-core-mm-callbacks.c @@ -258,8 +258,8 @@ INTERNAL_FUNC void mm_login(NETMBX *mb, char *user, char *pwd, long trial) } if (EM_SAFE_STRLEN(username) > 0 && EM_SAFE_STRLEN(password) > 0) { - strcpy(user, username); - strcpy(pwd, password); + EM_SAFE_STRNCPY(user, username, NETMAXUSER- EM_SAFE_STRLEN(user) -1); + EM_SAFE_STRNCPY(pwd, password, MAILTMPLEN - EM_SAFE_STRLEN(pwd) -1); } else EM_DEBUG_EXCEPTION("User Information is NULL || EM_SAFE_STRLEN is 0 "); diff --git a/email-core/email-core-utils.c b/email-core/email-core-utils.c index 02d00b4..01b57a0 100755 --- a/email-core/email-core-utils.c +++ b/email-core/email-core-utils.c @@ -3246,7 +3246,7 @@ int emcore_strip_HTML_tag(const char *input_html_file_path, char *input_encoding emcore_get_content_string(root_element, result_string, input_result_buffer_legnth, &exit_flag); char *replaced_string = reg_replace_new(result_string, "[ \t\r\n\v\f]+", " "); - EM_SAFE_STRCPY(output_result_buffer, replaced_string); + EM_SAFE_STRNCPY(output_result_buffer, replaced_string, input_result_buffer_legnth - EM_SAFE_STRLEN(output_result_buffer) -1); EM_SAFE_FREE(replaced_string); em_trim_left(output_result_buffer); |