luo980/libuv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

unix: avoid buffer overflow in proctitle.c

Browse Source 
Get/set process title with uv_strlcpy(), not strncpy(). The latter won't
zero-terminate the result if the destination buffer is too small.
This commit is contained in:
Ben Noordhuis 2012-07-13 15:03:37 +02:00
parent dc97d44c56
commit a87abc7070
1 changed files with 2 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/unix/proctitle.c
View File

@ -81,22 +81,12 @@ char** uv_setup_args(int argc, char** argv) {
uv_err_t uv_set_process_title(const char* title) {
/* No need to terminate, last char is always '\0'. */
if (process_title.len)
strncpy(process_title.str, title, process_title.len - 1);
uv_strlcpy(process_title.str, title, process_title.len);
return uv_ok_;
}
uv_err_t uv_get_process_title(char* buffer, size_t size) {
if (process_title.str) {
strncpy(buffer, process_title.str, size);
} else {
if (size > 0) {
buffer[0] = '\0';
}
}
uv_strlcpy(buffer, process_title.str ? process_title.str : "", size);
return uv_ok_;
}