Replaced two strcpy() calls in dumb interface.

author David Griffith <dave@661.org>

Tue, 12 Feb 2019 13:00:32 +0000 (05:00 -0800)

committer David Griffith <dave@661.org>

Tue, 12 Feb 2019 13:00:32 +0000 (05:00 -0800)
author David Griffith <dave@661.org>
Tue, 12 Feb 2019 13:00:32 +0000 (05:00 -0800)
committer David Griffith <dave@661.org>
Tue, 12 Feb 2019 13:00:32 +0000 (05:00 -0800)
diff --git a/src/dumb/dumb_input.c b/src/dumb/dumb_input.c

index 03058ad6ff2a35c7820e9b0f278b1483431e9370..a012ae6d42737343baa106024060eee23a580d3d 100644 (file)
--- a/src/dumb/dumb_input.c
+++ b/src/dumb/dumb_input.c
@@ -441,7 +441,10 @@ char *os_read_file_name (const char *default_name, int flag)
      }
    }
  
-  strcpy (file_name, buf[0] ? buf : default_name);
+  if (buf[0])
+    strncpy(file_name, buf, FILENAME_MAX);
+  else
+    strncpy(file_name, default_name, FILENAME_MAX);
  
    /* Check if we're restricted to one directory. */
    if (f_setup.restricted_path != NULL) {
@@ -452,7 +455,7 @@ char *os_read_file_name (const char *default_name, int flag)
        }
      }
      tempname = strdup(file_name + i);
-    strcpy(file_name, f_setup.restricted_path);
+    strncpy(file_name, f_setup.restricted_path, FILENAME_MAX);
      if (file_name[strlen(file_name)-1] != PATH_SEPARATOR) {
        strcat(file_name, "/");
      }
author	David Griffith <dave@661.org>
	Tue, 12 Feb 2019 13:00:32 +0000 (05:00 -0800)
committer	David Griffith <dave@661.org>
	Tue, 12 Feb 2019 13:00:32 +0000 (05:00 -0800)