romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-04-14 22:21:41 +03:00
Code Issues Projects Releases Packages Wiki Activity

curlx: curlx_strcopy() instead of strcpy()

Browse source 
This function REQUIRES the size of the target buffer as well as the
length of the source string. Meant to make it harder to do a bad
strcpy().

Removes 23 calls to strcpy().

Closes #20067
This commit is contained in:
Daniel Stenberg 2025-12-21 23:40:24 +01:00
parent f099c2ca55
commit a535be4ea0
No known key found for this signature in database
GPG key ID: 5CC908FDB71E12C2
30 changed files with 195 additions and 97 deletions
Download patch file Download diff file Expand all files Collapse all files

3
lib/ws.c
View file

@ -40,6 +40,7 @@
#include "transfer.h"
#include "select.h"
#include "curlx/strparse.h"
#include "curlx/strcopy.h"
/***
RFC 6455 Section 5.2
@ -1274,7 +1275,7 @@ CURLcode Curl_ws_request(struct Curl_easy *data, struct dynbuf *req)
curlx_free(randstr);
return CURLE_FAILED_INIT;
}
strcpy(keyval, randstr);
curlx_strcopy(keyval, sizeof(keyval), randstr, randlen);
curlx_free(randstr);
for(i = 0; !result && (i < CURL_ARRAYSIZE(heads)); i++) {
if(!Curl_checkheaders(data, heads[i].name, strlen(heads[i].name))) {