svn commit: r299520 - head/lib/libfetch
Don Lewis
truckman at FreeBSD.org
Thu May 12 06:39:15 UTC 2016
Author: truckman
Date: Thu May 12 06:39:13 2016
New Revision: 299520
URL: https://svnweb.freebsd.org/changeset/base/299520
Log:
Use strlcpy() instead of strncpy() to copy the string returned by
setlocale() so that static analyzers know that the string is NUL
terminated. This was causing a false positive in Coverity even
though the longest string returned by setlocale() is ENCODING_LEN
(31) and we are copying into a 64 byte buffer. This change is also
a bit of an optimization since we don't need the strncpy() feature
of padding the rest of the destination buffer with NUL characters.
Reported by: Coverity
CID: 974654
Modified:
head/lib/libfetch/http.c
Modified: head/lib/libfetch/http.c
==============================================================================
--- head/lib/libfetch/http.c Thu May 12 06:20:26 2016 (r299519)
+++ head/lib/libfetch/http.c Thu May 12 06:39:13 2016 (r299520)
@@ -875,7 +875,7 @@ http_parse_mtime(const char *p, time_t *
char locale[64], *r;
struct tm tm;
- strncpy(locale, setlocale(LC_TIME, NULL), sizeof(locale));
+ strlcpy(locale, setlocale(LC_TIME, NULL), sizeof(locale));
setlocale(LC_TIME, "C");
r = strptime(p, "%a, %d %b %Y %H:%M:%S GMT", &tm);
/*
More information about the svn-src-all
mailing list