From 28d1f2579f3325b3772ec3c950af46d83378eda2 Mon Sep 17 00:00:00 2001 From: Jan Synacek Date: Fri, 30 Nov 2012 14:38:34 +0100 Subject: [PATCH] Use strncpy instead of strcpy (coverity) --- sgpio-1.2-coverity.patch | 16 ++++++++++++++++ sgpio.spec | 7 ++++++- 2 files changed, 22 insertions(+), 1 deletion(-) create mode 100644 sgpio-1.2-coverity.patch diff --git a/sgpio-1.2-coverity.patch b/sgpio-1.2-coverity.patch new file mode 100644 index 0000000..6a25425 --- /dev/null +++ b/sgpio-1.2-coverity.patch @@ -0,0 +1,16 @@ +Assume buffer overflow even if it's not possible. +Found by coverity. + +Author: Jan Synacek + +--- sgpio/sgpio.c.orig 2012-11-30 14:14:09.000000000 +0100 ++++ sgpio/sgpio.c 2012-11-30 14:14:17.437228466 +0100 +@@ -629,7 +629,7 @@ + return -1; + } + +- strcpy(location, sys_scsi_path); ++ strncpy(location, sys_scsi_path, FS_PATH_LEN); + len = strlen(location); + + for(i=0;i - 1.2.0.10-10 +- Use strncpy instead of strcpy (coverity) + * Mon Nov 19 2012 Jan Synáček - 1.2.0.10-9 - dos2unix'ed the patch - Call dos2unix before patching and dos2unix Makefile as well