[PATCH:makedepend] Bug 56091 - Unsafe use of strcpy() in makedepend

Alan Coopersmith alan.coopersmith at oracle.com
Tue Feb 12 18:39:07 PST 2013


Use memmove for potentially overlapping copies.

Reported-by: Laurence Jupp <laurence at narya.org>
Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com>
---
 parse.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/parse.c b/parse.c
index 2d7c95a..e5240c3 100644
--- a/parse.c
+++ b/parse.c
@@ -229,7 +229,7 @@ deftype (char *line, struct filepointer *filep,
 		/*
 		 * copy the definition back to the beginning of the line.
 		 */
-		strcpy (line, p);
+		memmove (line, p, strlen(p) + 1);
 		break;
 	case ELSE:
 	case ENDIF:
-- 
1.7.9.2



More information about the xorg-devel mailing list