tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c

strcpy() performs no bounds checking and can lead to buffer overflows if
the input string exceeds the destination buffer size. This patch replaces
it with strncpy(), and null terminates the input string.

Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com>
Reviewed-by: Nicolas Schier <nicolas.schier@linux.dev>
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>

authored by

Suchit Karunakaran and committed by
Masahiro Yamada 5ac72665 1918f983

+4 -2
+4 -2
scripts/kconfig/lxdialog/inputbox.c
··· 39 39 40 40 if (!init) 41 41 instr[0] = '\0'; 42 - else 43 - strcpy(instr, init); 42 + else { 43 + strncpy(instr, init, sizeof(dialog_input_result) - 1); 44 + instr[sizeof(dialog_input_result) - 1] = '\0'; 45 + } 44 46 45 47 do_resize: 46 48 if (getmaxy(stdscr) <= (height - INPUTBOX_HEIGHT_MIN))