From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 9 Oct 2024 13:45:32 +0000 (+0200)
Subject: tool_getparam: replace two uses of strncpy(), ban strncpy
X-Git-Tag: curl-8_11_0~193
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=08949637d5de258af40acd7130cae50fc539c7d9;p=thirdparty%2Fcurl.git

tool_getparam: replace two uses of strncpy(), ban strncpy

strncpy() is rarely the right choice

Closes #15212
---

diff --git a/src/.checksrc b/src/.checksrc
index 946367c499..df9b1f0795 100644
--- a/src/.checksrc
+++ b/src/.checksrc
@@ -1 +1,2 @@
 enable STDERR
+enable STRNCPY
diff --git a/src/tool_getparam.c b/src/tool_getparam.c
index 9a5de1e731..7b6aea70a9 100644
--- a/src/tool_getparam.c
+++ b/src/tool_getparam.c
@@ -390,7 +390,7 @@ void parse_cert_parameter(const char *cert_parameter,
   param_place = cert_parameter;
   while(*param_place) {
     span = strcspn(param_place, ":\\");
-    strncpy(certname_place, param_place, span);
+    memcpy(certname_place, param_place, span);
     param_place += span;
     certname_place += span;
     /* we just ate all the non-special chars. now we are on either a special
@@ -944,7 +944,7 @@ static ParameterError set_rate(struct GlobalConfig *global,
   if(numlen > sizeof(number) -1)
     return PARAM_NUMBER_TOO_LARGE;
 
-  strncpy(number, nextarg, numlen);
+  memcpy(number, nextarg, numlen);
   number[numlen] = 0;
   err = str2unum(&denominator, number);
   if(err)