syscall: replace strcpy() by g_strlcpy()

linux-user/syscall.c:9860:17: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy (buf->machine, cpu_to_uname_machine(cpu_env)); ^~~~~~ Reported-by: Clang Static Analyzer Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Laurent Vivier <laurent@vivier.eu> Message-Id: <20170724182751.18261-32-f4bug@amsat.org> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2017-07-24 15:27:47 -03:00 · 2017-07-24 15:27:47 -03:00 · 871f95c617
parent 392fba9f58
commit 871f95c617
1 changed files with 2 additions and 1 deletions
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@ -10156,7 +10156,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
            if (!is_error(ret)) {
                /* Overwrite the native machine name with whatever is being
                   emulated. */
-                strcpy (buf->machine, cpu_to_uname_machine(cpu_env));
+                g_strlcpy(buf->machine, cpu_to_uname_machine(cpu_env),
+                          sizeof(buf->machine));
                /* Allow the user to override the reported release.  */
                if (qemu_uname_release && *qemu_uname_release) {
                    g_strlcpy(buf->release, qemu_uname_release,