https: fix possible out-of-bounds access (Coverity)

author Daniel Salzman <daniel.salzman@nic.cz>

Mon, 23 Aug 2021 07:21:29 +0000 (09:21 +0200)

committer Daniel Salzman <daniel.salzman@nic.cz>

Wed, 25 Aug 2021 15:22:56 +0000 (17:22 +0200)
author Daniel Salzman <daniel.salzman@nic.cz>
Mon, 23 Aug 2021 07:21:29 +0000 (09:21 +0200)
committer Daniel Salzman <daniel.salzman@nic.cz>
Wed, 25 Aug 2021 15:22:56 +0000 (17:22 +0200)
diff --git a/src/utils/common/https.c b/src/utils/common/https.c

index 77a7cc994450cba585b056d37d31a704737183e8..73283a7e97d2053a620a8714c05b7aed55bd0b64 100644 (file)
--- a/src/utils/common/https.c
+++ b/src/utils/common/https.c
@@ -22,6 +22,8 @@
  
  #include "contrib/base64url.h"
  #include "contrib/macros.h"
+#include "contrib/openbsd/strlcat.h"
+#include "contrib/openbsd/strlcpy.h"
  #include "contrib/url-parser/url_parser.h"
  #include "libknot/errcode.h"
  #include "utils/common/https.h"
@@ -381,8 +383,8 @@ static int https_send_dns_query_get(https_ctx_t *ctx)
                                      sizeof(default_query) +
                                      (ctx->send_buflen * 4) / 3 + 3;
         char dns_query[dns_query_len];
-       strncpy(dns_query, ctx->path, dns_query_len);
-       strncat(dns_query, default_query, dns_query_len);
+       strlcpy(dns_query, ctx->path, dns_query_len);
+       strlcat(dns_query, default_query, dns_query_len);
  
         size_t tmp_strlen = strlen(dns_query);
         int32_t ret = knot_base64url_encode(ctx->send_buf, ctx->send_buflen,
author	Daniel Salzman <daniel.salzman@nic.cz>
	Mon, 23 Aug 2021 07:21:29 +0000 (09:21 +0200)
committer	Daniel Salzman <daniel.salzman@nic.cz>
	Wed, 25 Aug 2021 15:22:56 +0000 (17:22 +0200)