Use STRNCPY() macro in smart card code

The previous code did not do a proper bounds check and could result
in buffer overflows and unterminated strings if long names were
specified.
This commit is contained in:
Pierre Ossman 2019-04-10 11:14:12 +02:00
parent 48b184477e
commit 092fc20921

10
scard.c
View File

@ -237,10 +237,8 @@ scard_enum_devices(uint32 * id, char *optarg)
tmpMap = nameMapList + nameMapCount - 1; tmpMap = nameMapList + nameMapCount - 1;
len = strlen(alias); STRNCPY(tmpMap->alias, alias, sizeof(tmpMap->alias));
strncpy(tmpMap->alias, alias, (len > 127) ? (127) : (len)); STRNCPY(tmpMap->name, name, sizeof(tmpMap->name));
len = strlen(name);
strncpy(tmpMap->name, name, (len > 127) ? (127) : (len));
if (vendor) if (vendor)
{ {
@ -248,8 +246,8 @@ scard_enum_devices(uint32 * id, char *optarg)
if (len > 0) if (len > 0)
{ {
memset(tmpMap->vendor, 0, 128); memset(tmpMap->vendor, 0, 128);
strncpy(tmpMap->vendor, vendor, STRNCPY(tmpMap->vendor, vendor,
(len > 127) ? (127) : (len)); sizeof(tmpMap->vendor));
} }
else else
tmpMap->vendor[0] = '\0'; tmpMap->vendor[0] = '\0';