From bdadcad1c8f1ea555fc1bfcfe541da99a67f667d Mon Sep 17 00:00:00 2001 From: Andri Yngvason Date: Fri, 29 Sep 2023 22:00:46 +0000 Subject: [PATCH] Replace strlcpy with strncpy The former isn't portable. --- src/crypto-nettle.c | 3 ++- src/server.c | 6 ++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/src/crypto-nettle.c b/src/crypto-nettle.c index 15d490f..9469539 100644 --- a/src/crypto-nettle.c +++ b/src/crypto-nettle.c @@ -609,7 +609,8 @@ bool crypto_rsa_priv_key_load(struct crypto_rsa_priv_key* priv, } char head[128]; - strlcpy(head, line, sizeof(head)); + strncpy(head, line, sizeof(head)); + head[sizeof(head) - 1] = '\0'; char* end = strchr(head, '\n'); if (end) *end = '\0'; diff --git a/src/server.c b/src/server.c index d98c7a6..e920b59 100644 --- a/src/server.c +++ b/src/server.c @@ -755,9 +755,11 @@ static int on_rsa_aes_credentials(struct nvnc_client* client) char username[256]; char password[256]; - strlcpy(username, (const char*)(msg + 1), username_len + 1); - strlcpy(password, (const char*)(msg + 2 + username_len), + strncpy(username, (const char*)(msg + 1), username_len + 1); + username[sizeof(username) - 1] = '\0'; + strncpy(password, (const char*)(msg + 2 + username_len), password_len + 1); + password[sizeof(password) - 1] = '\0'; if (server->auth_fn(username, password, server->auth_ud)) { nvnc_log(NVNC_LOG_INFO, "User \"%s\" authenticated", username);