diff options
author | Jongkyu Koo <jk.koo@samsung.com> | 2017-05-10 01:18:09 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@review.ap-northeast-2.compute.internal> | 2017-05-10 01:18:09 +0000 |
commit | ec8d2bd444453742e5efc4c4d2f3b051d41c40fd (patch) | |
tree | 327beb4bfdd5aa909f3a4de27a855a05da763800 | |
parent | 2f068a2769486fd2549f354e581fd3502cd0f0c3 (diff) | |
parent | 84ffeea59ba56bed6d7f01d7b2196a28a938a055 (diff) | |
download | email-service-ec8d2bd444453742e5efc4c4d2f3b051d41c40fd.tar.gz email-service-ec8d2bd444453742e5efc4c4d2f3b051d41c40fd.tar.bz2 email-service-ec8d2bd444453742e5efc4c4d2f3b051d41c40fd.zip |
Merge "fix security svace: strcpy" into tizentizen_4.0.m1_releasesubmit/tizen/20170510.012058accepted/tizen/unified/20170510.183103
-rwxr-xr-x | email-core/email-core-mm-callbacks.c | 4 | ||||
-rwxr-xr-x | email-core/email-core-utils.c | 2 |
2 files changed, 3 insertions, 3 deletions
diff --git a/email-core/email-core-mm-callbacks.c b/email-core/email-core-mm-callbacks.c index eef6494..8d9208b 100755 --- a/email-core/email-core-mm-callbacks.c +++ b/email-core/email-core-mm-callbacks.c @@ -258,8 +258,8 @@ INTERNAL_FUNC void mm_login(NETMBX *mb, char *user, char *pwd, long trial) } if (EM_SAFE_STRLEN(username) > 0 && EM_SAFE_STRLEN(password) > 0) { - strcpy(user, username); - strcpy(pwd, password); + EM_SAFE_STRNCPY(user, username, NETMAXUSER- EM_SAFE_STRLEN(user) -1); + EM_SAFE_STRNCPY(pwd, password, MAILTMPLEN - EM_SAFE_STRLEN(pwd) -1); } else EM_DEBUG_EXCEPTION("User Information is NULL || EM_SAFE_STRLEN is 0 "); diff --git a/email-core/email-core-utils.c b/email-core/email-core-utils.c index 02d00b4..01b57a0 100755 --- a/email-core/email-core-utils.c +++ b/email-core/email-core-utils.c @@ -3246,7 +3246,7 @@ int emcore_strip_HTML_tag(const char *input_html_file_path, char *input_encoding emcore_get_content_string(root_element, result_string, input_result_buffer_legnth, &exit_flag); char *replaced_string = reg_replace_new(result_string, "[ \t\r\n\v\f]+", " "); - EM_SAFE_STRCPY(output_result_buffer, replaced_string); + EM_SAFE_STRNCPY(output_result_buffer, replaced_string, input_result_buffer_legnth - EM_SAFE_STRLEN(output_result_buffer) -1); EM_SAFE_FREE(replaced_string); em_trim_left(output_result_buffer); |