perf: replace strcpy() with strncpy() in util/jitdump.c

Usage of strcpy() can lead to buffer overflows. Therefore, it has been
replaced with strncpy(). The output file path is provided as a parameter
and might be restricted by command-line by default. But this defensive
patch will prevent any potential overflow, making the code more robust
against future changes in input handling.

Testing:
- ran perf test from tools/perf and did not observe any regression with
  the earlier code

Signed-off-by: Hrishikesh Suresh <hrishikesh123s@gmail.com>
Signed-off-by: Namhyung Kim <namhyung@kernel.org>

diff --git a/tools/perf/util/jitdump.c b/tools/perf/util/jitdump.c
index b062b1f234b62dd8d4f9e916bcc4f8beb7458b9a..496ca2d2bfdb8227b52d90d5ddc2bc82450aa1cc 100644 (file)
--- a/tools/perf/util/jitdump.c
+++ b/tools/perf/util/jitdump.c
@@ -233,7 +233,8 @@ jit_open(struct jit_buf_desc *jd, const char *name)
        /*
         * keep dirname for generating files and mmap records
         */
-       strcpy(jd->dir, name);
+       strncpy(jd->dir, name, PATH_MAX);
+       jd->dir[PATH_MAX - 1] = '\0';
        dirname(jd->dir);
        free(buf);