secure coding: strcpy => strlcpy

Signed-off-by: Donghwa Jeong <dh48.jeong@samsung.com>

diff --git a/src/lxc/criu.c b/src/lxc/criu.c
index 155e69f8653f5cdc3a0f422d13887bcbeb2518ee..9ccd9b2e57bb64fad63d7693efeb1d14b547ca12 100644 (file)
--- a/src/lxc/criu.c
+++ b/src/lxc/criu.c
@@ -923,7 +923,7 @@ static bool restore_net_info(struct lxc_container *c)
                        if (!lxc_mkifname(template))
                                goto out_unlock;
 
-                       strcpy(netdev->priv.veth_attr.veth1, template);
+                       (void)strlcpy(netdev->priv.veth_attr.veth1, template, IFNAMSIZ);
                }
        }
 

diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index f2a29acf86f0b251e804902f38fcca264b84f122..e34fdecf23eaf7eb082900f485b3b04a45401842 100644 (file)
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -1192,7 +1192,8 @@ static int do_create_container_dir(const char *path, struct lxc_conf *conf)
 
        len = strlen(path);
        p = alloca(len + 1);
-       strcpy(p, path);
+       (void)strlcpy(p, path, len + 1);
+
        if (!lxc_list_empty(&conf->id_map)) {
                ret = chown_mapped_root(p, conf);
                if (ret < 0)
@@ -4777,6 +4778,7 @@ out:
 struct lxc_container *lxc_container_new(const char *name, const char *configpath)
 {
        struct lxc_container *c;
+       size_t len;
 
        if (!name)
                return NULL;
@@ -4799,12 +4801,14 @@ struct lxc_container *lxc_container_new(const char *name, const char *configpath
        }
 
        remove_trailing_slashes(c->config_path);
-       c->name = malloc(strlen(name)+1);
+
+       len = strlen(name);
+       c->name = malloc(len + 1);
        if (!c->name) {
                fprintf(stderr, "Failed to allocate memory for %s\n", name);
                goto err;
        }
-       strcpy(c->name, name);
+       (void)strlcpy(c->name, name, len + 1);
 
        c->numthreads = 1;
        c->slock = lxc_newlock(c->config_path, name);

diff --git a/src/lxc/start.c b/src/lxc/start.c
index abddd16c7a341dc64fa58789ba2236e75d0ce01f..2dae6652ad72e1b4bd3cd44f0762d9e39a4d6189 100644 (file)
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -110,9 +110,11 @@ static void print_top_failing_dir(const char *path)
 
        len = strlen(path);
        copy = alloca(len + 1);
-       strcpy(copy, path);
+       (void)strlcpy(copy, path, len + 1);
+
        p = copy;
        e = copy + len;
+
        while (p < e) {
                while (p < e && *p == '/')
                        p++;

diff --git a/src/lxc/storage/btrfs.c b/src/lxc/storage/btrfs.c
index f22c417470b2c65129c6553b284e9a5a4b3b8620..3458b1f65c1a1190d0afec73fb2161d8a02f62d6 100644 (file)
--- a/src/lxc/storage/btrfs.c
+++ b/src/lxc/storage/btrfs.c
@@ -88,8 +88,8 @@ char *get_btrfs_subvol_path(int fd, u64 dir_id, u64 objid, char *name,
                retpath = malloc(len);
                if (!retpath)
                        return NULL;
-               strcpy(retpath, args.name);
-               strcat(retpath, "/");
+               (void)strlcpy(retpath, args.name, len);
+               strncat(retpath, "/", 1);
                strncat(retpath, name, name_len);
        } else {
                /* we're at the root of ref_tree */
@@ -602,17 +602,20 @@ static bool update_tree_node(struct mytree_node *n, u64 id, u64 parent,
                if (!n->name)
                        return false;
 
-               strcpy(n->name, name);
+               (void)strlcpy(n->name, name, name_len + 1);
        }
 
        if (dirname) {
-               n->dirname = malloc(strlen(dirname) + 1);
+               size_t len;
+
+               len = strlen(dirname);
+               n->dirname = malloc(len + 1);
                if (!n->dirname) {
                        free(n->name);
                        return false;
                }
 
-               strcpy(n->dirname, dirname);
+               (void)strlcpy(n->dirname, dirname, len + 1);
        }
        return true;
 }