Comments
Patch
@@ -337,7 +337,7 @@ static char *fwts_log_filename(const char *filename, const fwts_log_type type)
char *suffix;
size_t suffix_len;
size_t trunc_len;
- size_t filename_len;
+ size_t new_len;
struct stat stat_buf;
/*
@@ -368,12 +368,13 @@ static char *fwts_log_filename(const char *filename, const fwts_log_type type)
!strcmp(ptr, ".html"))) {
trunc_len = ptr - filename;
- if ((new_name = calloc(trunc_len + suffix_len + 1, 1)) == NULL) {
+ new_len = trunc_len + suffix_len + 1;
+ if ((new_name = calloc(new_len, 1)) == NULL) {
fprintf(stderr, "Cannot allocate log name.\n");
return NULL;
}
strncpy(new_name, filename, trunc_len);
- strcat(new_name, suffix); /* strcat OK because calloc zero'd all of new_name */
+ strncat(new_name, suffix, new_len); /* strncat OK because calloc zero'd all of new_name */
return new_name;
}
@@ -381,14 +382,14 @@ static char *fwts_log_filename(const char *filename, const fwts_log_type type)
* We didn't find a suffix or a known suffix, so append
* the appropriate one to the given log filename
*/
- filename_len = strlen(filename);
- if ((new_name = calloc(filename_len + suffix_len + 1, 1)) == NULL) {
+ new_len = strlen(filename) + suffix_len + 1;
+ if ((new_name = calloc(new_len, 1)) == NULL) {
fprintf(stderr, "Cannot allocate log name.\n");
return NULL;
}
- strcpy(new_name, filename);
- strcat(new_name, suffix);
+ strncpy(new_name, filename, new_len);
+ strncat(new_name, suffix, new_len);
return new_name;
}
@@ -588,15 +589,15 @@ char *fwts_log_get_filenames(const char *filename, const fwts_log_type type)
free(tmp);
return NULL;
}
- strcat(filenames, " ");
- strcat(filenames, tmp);
+ strncat(filenames, " ", len);
+ strncat(filenames, tmp, len);
} else {
len = strlen(tmp) + 1;
if ((filenames = malloc(len)) == NULL) {
free(tmp);
return NULL;
}
- strcpy(filenames, tmp);
+ strncpy(filenames, tmp, len);
}
free(tmp);
}