From a96155657b690a7de3a7670f3014867487cba838 Mon Sep 17 00:00:00 2001
From: Lukas Javorsky <ljavorsk@redhat.com>
Date: Mon, 12 Aug 2024 13:02:35 +0200
Subject: [PATCH 3/7] Safely handle the "name" argument in NewFile func

Since the NewFile func is called with argv[] arguments, there should be
a safety check in case that the arguments are tainted.
---
 src/devices/xditview/xditview.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/devices/xditview/xditview.c b/src/devices/xditview/xditview.c
index 1f56940b2..9ee0470c2 100644
--- a/src/devices/xditview/xditview.c
+++ b/src/devices/xditview/xditview.c
@@ -364,7 +364,8 @@ NewFile (const char *name)
     }
     hadFile = 1;
     SelectPageNumber ("1");
-    strcpy (current_file_name, name);
+    strncpy(current_file_name, name, sizeof(current_file_name) - 1);
+    current_file_name[sizeof(current_file_name) - 1] = '\0';  // Ensure null-termination
     current_file = new_file;
 }
 
-- 
2.44.0