diff --git a/common/os_calls.c b/common/os_calls.c index 68a6a5b0..09aa61e8 100644 --- a/common/os_calls.c +++ b/common/os_calls.c @@ -777,7 +777,7 @@ g_tcp_local_connect(int sck, const char *port) memset(&s, 0, sizeof(struct sockaddr_un)); s.sun_family = AF_UNIX; - strcpy(s.sun_path, port); + strncpy(s.sun_path, port, sizeof(s.sun_path)); return connect(sck, (struct sockaddr *)&s, sizeof(struct sockaddr_un)); #endif } @@ -937,7 +937,7 @@ g_tcp_local_bind(int sck, const char *port) memset(&s, 0, sizeof(struct sockaddr_un)); s.sun_family = AF_UNIX; - strcpy(s.sun_path, port); + strncpy(s.sun_path, port, sizeof(s.sun_path)); return bind(sck, (struct sockaddr *)&s, sizeof(struct sockaddr_un)); #endif } diff --git a/sesman/chansrv/chansrv_fuse.c b/sesman/chansrv/chansrv_fuse.c index e80f93a9..993b6594 100644 --- a/sesman/chansrv/chansrv_fuse.c +++ b/sesman/chansrv/chansrv_fuse.c @@ -2184,7 +2184,7 @@ static void xfuse_remove_dir_or_file(fuse_req_t req, fuse_ino_t parent, } strcat(full_path, "/"); - strcat(full_path, name); + strncat(full_path, name, sizeof(full_path) - strlen(full_path)); if (xinode->is_loc_resource) { diff --git a/sesman/chansrv/devredir.c b/sesman/chansrv/devredir.c index 5a8ab3ed..cea42c81 100644 --- a/sesman/chansrv/devredir.c +++ b/sesman/chansrv/devredir.c @@ -1026,7 +1026,7 @@ dev_redir_get_dir_listing(void *fusep, tui32 device_id, char *path) irp->completion_type = CID_CREATE_DIR_REQ; irp->DeviceId = device_id; - strcpy(irp->pathname, path); + strncpy(irp->pathname, path, 255); devredir_fuse_data_enqueue(irp, fusep); DesiredAccess = DA_FILE_READ_DATA | DA_SYNCHRONIZE; @@ -1069,7 +1069,7 @@ dev_redir_file_open(void *fusep, tui32 device_id, char *path, if (type & OP_RENAME_FILE) { irp->completion_type = CID_RENAME_FILE; - strcpy(irp->gen_buf, gen_buf); + strncpy(irp->gen_buf, gen_buf, 1023); } else { @@ -1079,7 +1079,7 @@ dev_redir_file_open(void *fusep, tui32 device_id, char *path, irp->CompletionId = g_completion_id++; irp->DeviceId = device_id; - strcpy(irp->pathname, path); + strncpy(irp->pathname, path, 255); devredir_fuse_data_enqueue(irp, fusep); if (mode & O_CREAT) @@ -1185,7 +1185,7 @@ devredir_rmdir_or_file(void *fusep, tui32 device_id, char *path, int mode) irp->completion_type = CID_RMDIR_OR_FILE; irp->DeviceId = device_id; - strcpy(irp->pathname, path); + strncpy(irp->pathname, path, 255); devredir_fuse_data_enqueue(irp, fusep); //DesiredAccess = DA_DELETE | DA_FILE_READ_ATTRIBUTES | DA_SYNCHRONIZE;