From a9e7012dfd1e1c2a47b728e47b69bdb9012f41d8 Mon Sep 17 00:00:00 2001 From: Lev Kujawski Date: Thu, 11 Feb 2021 20:04:11 -0700 Subject: [PATCH] Fix a potential read of uninitialized memory through a pointer src/lib/libast/misc/magic.c: - Use strncpy instead of memcpy to avoid reading past the null terminator of the string pointed to by p. --- src/lib/libast/misc/magic.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/lib/libast/misc/magic.c b/src/lib/libast/misc/magic.c index e2355880d..8ecdc13ed 100644 --- a/src/lib/libast/misc/magic.c +++ b/src/lib/libast/misc/magic.c @@ -687,8 +687,8 @@ ckmagic(register Magic_t* mp, const char* file, char* buf, char* end, struct sta c = mp->fbsz; if (c >= sizeof(mp->nbuf)) c = sizeof(mp->nbuf) - 1; - p = (char*)memcpy(mp->nbuf, p, c); - p[c] = 0; + p = strncpy(mp->nbuf, p, c); + p[c] = '\0'; ccmapstr(mp->x2n, p, c); if ((c = regexec(ep->value.sub, p, elementsof(matches), matches, 0)) || (c = regsubexec(ep->value.sub, p, elementsof(matches), matches))) {