From 092fc209219ee6ca6ce3d98e163bfc77d8624532 Mon Sep 17 00:00:00 2001
From: Pierre Ossman <ossman@cendio.se>
Date: Wed, 10 Apr 2019 11:14:12 +0200
Subject: [PATCH] Use STRNCPY() macro in smart card code

The previous code did not do a proper bounds check and could result
in buffer overflows and unterminated strings if long names were
specified.
---
 scard.c | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/scard.c b/scard.c
index 468bdd4..6178d6e 100644
--- a/scard.c
+++ b/scard.c
@@ -237,10 +237,8 @@ scard_enum_devices(uint32 * id, char *optarg)
 
 				tmpMap = nameMapList + nameMapCount - 1;
 
-				len = strlen(alias);
-				strncpy(tmpMap->alias, alias, (len > 127) ? (127) : (len));
-				len = strlen(name);
-				strncpy(tmpMap->name, name, (len > 127) ? (127) : (len));
+				STRNCPY(tmpMap->alias, alias, sizeof(tmpMap->alias));
+				STRNCPY(tmpMap->name, name, sizeof(tmpMap->name));
 
 				if (vendor)
 				{
@@ -248,8 +246,8 @@ scard_enum_devices(uint32 * id, char *optarg)
 					if (len > 0)
 					{
 						memset(tmpMap->vendor, 0, 128);
-						strncpy(tmpMap->vendor, vendor,
-							(len > 127) ? (127) : (len));
+						STRNCPY(tmpMap->vendor, vendor,
+							sizeof(tmpMap->vendor));
 					}
 					else
 						tmpMap->vendor[0] = '\0';