Opened 9 years ago

Closed 7 years ago

#1315 closed defect (fixed)

DebCheck QA: Dangerous usage (strncpy doesn't always 0-terminate it)

Reported by: hamish Owned by: grass-dev@…
Priority: normal Milestone: 6.4.3
Component: Compiling Version: 6.4.0
Keywords: r.support Cc:
CPU: Unspecified Platform: Linux

Description

(see #1311)

  • ./raster/r.support/modcolr/modcolr.c:44 [error] - Dangerous usage of 'name' (strncpy doesn't always 0-terminate it)
  • ./raster/r.support/modhist/modhist.c:45 [error] - Dangerous usage of 'name' (strncpy doesn't always 0-terminate it)

probably it is time to revisit the safe string copy/sprintf best practice in the SUBMITTING file.

Hamish

Change History (3)

comment:1 Changed 8 years ago by hamish

fixed in devbr6 with r50186. (r.support in trunk audited, repaired in r50185)

Hamish

comment:2 Changed 7 years ago by neteler

Milestone: 6.4.26.4.3

Please backport if appropriate (perhaps we need to get rid of devbr6).

comment:3 Changed 7 years ago by hamish

Resolution: fixed
Status: newclosed

backported to relbr64 by mmetz in r52903.

closing ticket, Hamish

Note: See TracTickets for help on using tickets.