From: Jaroslav Kysela
Date: Wed, 7 Dec 2016 13:29:02 +0000 (+0100)
Subject: http_get_nonce - fix possible buffer overflow - coverity
X-Git-Tag: v4.2.1~178
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=cd34860abb2c890ce4f1da9f90e35a3cf52e45b6;p=thirdparty%2Ftvheadend.git

http_get_nonce - fix possible buffer overflow - coverity
---

diff --git a/src/http.c b/src/http.c
index aa7fc5819..7ab3a7f04 100644
--- a/src/http.c
+++ b/src/http.c
@@ -256,7 +256,7 @@ static char *
 http_get_nonce(void)
 {
 struct http_nonce *n = calloc(1, sizeof(*n));
- char stamp[32], *m;
+ char stamp[33], *m;
 int64_t mono;
 while (1) {
@@ -264,7 +264,8 @@ http_get_nonce(void)
 mono ^= 0xa1687211885fcd30LL;
 snprintf(stamp, sizeof(stamp), "%"PRId64, mono);
 m = md5sum(stamp, 1);
- strcpy(n->nonce, m);
+ strncpy(n->nonce, m, sizeof(stamp));
+ n->nonce[sizeof(stamp)-1] = '\0';
 pthread_mutex_lock(&global_lock);
 if (RB_INSERT_SORTED(&http_nonces, n, link, http_nonce_cmp)) {
 pthread_mutex_unlock(&global_lock);
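Review bot: The new copy in the second hunk is bounded by `sizeof(stamp)`, the size of an unrelated local, rather than by the destination `n->nonce`, so it only prevents the overflow if `n->nonce` happens to hold at least 33 bytes; the declaration of `struct http_nonce` is not visible in this diff. The first hunk grows `stamp` from 32 to 33 apparently only so that this bound fits the string returned by `md5sum` (presumably a 32-character hex digest plus terminator), which couples two buffers that have nothing to do with each other. Assuming `nonce` is an array member and not a pointer, bound both lines by the destination instead, `strncpy(n->nonce, m, sizeof(n->nonce));` and `n->nonce[sizeof(n->nonce)-1] = '\0';`, and leave `stamp` at its original size. The body of `http_get_nonce` continues outside both hunks, so what happens to `m` afterwards cannot be checked from here.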