From: Martin Matuska
Date: Wed, 7 Dec 2022 23:04:54 +0000 (+0100)
Subject: tests: silence more CodeQL warnings in test_utils/test_main.c
X-Git-Tag: v3.6.2~11
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=673d82c57ca7dd098dfd421250b0c3289825e837;p=thirdparty%2Flibarchive.git
tests: silence more CodeQL warnings in test_utils/test_main.c
Catch one more uncatched strcpy() and strcat()
---
diff --git a/test_utils/test_main.c b/test_utils/test_main.c
index f6d992483..fd5c6da79 100644
--- a/test_utils/test_main.c
+++ b/test_utils/test_main.c
@@ -4066,6 +4066,7 @@ main(int argc, char **argv)
 {
 char *testprg;
+ int testprg_len;
 #if defined(_WIN32) && !defined(__CYGWIN__)
 /* Command.com sometimes rejects '/' separators. */
 testprg = strdup(testprogfile);
@@ -4076,10 +4077,11 @@ main(int argc, char **argv)
 testprogfile = testprg;
 #endif
 /* Quote the name that gets put into shell command lines. */
- testprg = malloc(strlen(testprogfile) + 3);
- strcpy(testprg, "\"");
- strcat(testprg, testprogfile);
- strcat(testprg, "\"");
+ testprg_len = strlen(testprogfile) + 3;
+ testprg = malloc(testprg_len);
+ strncpy(testprg, "\"", testprg_len);
+ strncat(testprg, testprogfile, testprg_len);
+ strncat(testprg, "\"", testprg_len);
 testprog = testprg;
 }
 #endif
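Review bot: In the first hunk (`@@ -4066`), `int testprg_len;` is given a signed type although it stores `strlen(testprogfile) + 3` and is then passed to `malloc()`, `strncpy()` and `strncat()`, which all take `size_t`. Declaring it as `size_t testprg_len;` removes the narrowing on assignment and the signed-to-unsigned conversion at each call, which is the kind of finding a static analyzer tends to report next. main() begins before this hunk and continues past it.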
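Review bot: In the second hunk (`@@ -4076`), the third argument of `strncat()` is the maximum number of bytes to append from the source, not the size of the destination, so `strncat(testprg, testprogfile, testprg_len)` and the following `strncat(testprg, "\"", testprg_len)` do not bound the write to the buffer. The copy stays in bounds only because the allocation two lines above is sized as `strlen(testprogfile) + 3`, so the rewrite quiets the warning without adding a real limit. A single `snprintf(testprg, testprg_len, "\"%s\"", testprogfile);` expresses the destination bound correctly and replaces all three calls. The `malloc()` result is still used without a NULL check, as in the removed lines; a guard such as `if (testprg == NULL) { fprintf(stderr, "out of memory\n"); exit(1); }` before the copy would close that, assuming the file has no allocation-failure helper of its own, which is not visible here.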