rerere: replace strcpy with xsnprintf

peff · gitster · commit f58316db0ef1 · 2016-02-08T14:55:28.000-08:00
This shouldn't overflow, as we are copying a sha1 hex into a
41-byte buffer. But it does not hurt to use a bound-checking
function, which protects us and makes auditing for overflows
easier.

Signed-off-by: Jeff King &lt;peff@peff.net&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
diff --git a/rerere.c b/rerere.c
@@ -50,7 +50,7 @@ static int has_rerere_resolution(const struct rerere_id *id)
 static struct rerere_id *new_rerere_id_hex(char *hex)
 {
 	struct rerere_id *id = xmalloc(sizeof(*id));
-	strcpy(id->hex, hex);
+	xsnprintf(id->hex, sizeof(id->hex), "%s", hex);
 	return id;
 }
 
@@ -900,7 +900,7 @@ int rerere_forget(struct pathspec *pathspec)
 static struct rerere_id *dirname_to_id(const char *name)
 {
 	static struct rerere_id id;
-	strcpy(id.hex, name);
+	xsnprintf(id.hex, sizeof(id.hex), "%s", name);
 	return &id;
 }
 

Original file line number	Diff line number	Diff line change
`@@ -50,7 +50,7 @@ static int has_rerere_resolution(const struct rerere_id *id)`
`50`	`50`	`static struct rerere_id new_rerere_id_hex(char hex)`
`51`	`51`	`{`
`52`	`52`	`struct rerere_id id = xmalloc(sizeof(id));`
`53`		`- strcpy(id->hex, hex);`
	`53`	`+ xsnprintf(id->hex, sizeof(id->hex), "%s", hex);`
`54`	`54`	`return id;`
`55`	`55`	`}`
`56`	`56`
`@@ -900,7 +900,7 @@ int rerere_forget(struct pathspec *pathspec)`
`900`	`900`	`static struct rerere_id dirname_to_id(const char name)`
`901`	`901`	`{`
`902`	`902`	`static struct rerere_id id;`
`903`		`- strcpy(id.hex, name);`
	`903`	`+ xsnprintf(id.hex, sizeof(id.hex), "%s", name);`
`904`	`904`	`return &id;`
`905`	`905`	`}`
`906`	`906`