rerere: replace strcpy with xsnprintf
authorJeff King <peff@peff.net>
Mon, 8 Feb 2016 22:25:01 +0000 (17:25 -0500)
committerJunio C Hamano <gitster@pobox.com>
Mon, 8 Feb 2016 22:55:28 +0000 (14:55 -0800)
This shouldn't overflow, as we are copying a sha1 hex into a
41-byte buffer. But it does not hurt to use a bound-checking
function, which protects us and makes auditing for overflows
easier.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
rerere.c
index 9bef24f5b29e43fdde3ef5f625940ea27872c801..3d0fa8f551557c169845c998ca2925cd088f2727 100644 (file)
--- a/rerere.c
+++ b/rerere.c
@@ -50,7 +50,7 @@ static int has_rerere_resolution(const struct rerere_id *id)
 static struct rerere_id *new_rerere_id_hex(char *hex)
 {
        struct rerere_id *id = xmalloc(sizeof(*id));
-       strcpy(id->hex, hex);
+       xsnprintf(id->hex, sizeof(id->hex), "%s", hex);
        return id;
 }
 
@@ -900,7 +900,7 @@ int rerere_forget(struct pathspec *pathspec)
 static struct rerere_id *dirname_to_id(const char *name)
 {
        static struct rerere_id id;
-       strcpy(id.hex, name);
+       xsnprintf(id.hex, sizeof(id.hex), "%s", name);
        return &id;
 }