From: Daniel Salzman <daniel.salzman@nic.cz>
Date: Mon, 23 Aug 2021 07:21:29 +0000 (+0200)
Subject: https: fix possible out-of-bounds access (Coverity)
X-Git-Tag: v3.1.2~41
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=027897f1d23287471f819e1c203e5715d36f3c51;p=thirdparty%2Fknot-dns.git

https: fix possible out-of-bounds access (Coverity)
---

diff --git a/src/utils/common/https.c b/src/utils/common/https.c
index 77a7cc9944..73283a7e97 100644
--- a/src/utils/common/https.c
+++ b/src/utils/common/https.c
@@ -22,6 +22,8 @@
 
 #include "contrib/base64url.h"
 #include "contrib/macros.h"
+#include "contrib/openbsd/strlcat.h"
+#include "contrib/openbsd/strlcpy.h"
 #include "contrib/url-parser/url_parser.h"
 #include "libknot/errcode.h"
 #include "utils/common/https.h"
@@ -381,8 +383,8 @@ static int https_send_dns_query_get(https_ctx_t *ctx)
 	                             sizeof(default_query) +
 	                             (ctx->send_buflen * 4) / 3 + 3;
 	char dns_query[dns_query_len];
-	strncpy(dns_query, ctx->path, dns_query_len);
-	strncat(dns_query, default_query, dns_query_len);
+	strlcpy(dns_query, ctx->path, dns_query_len);
+	strlcat(dns_query, default_query, dns_query_len);
 
 	size_t tmp_strlen = strlen(dns_query);
 	int32_t ret = knot_base64url_encode(ctx->send_buf, ctx->send_buflen,