[Patch] Fix strcpy misuse in getProxyInfo()

Explorer09 · 2017-03-01, 16:18

strcpy() is Undefined Behavior on overlapping strings.
It should be safe_strcpy() (which is a macro that expands to memmove()).

Code:

diff -r -u -p a/primenet.c b/primenet.c
--- a/primenet.c	2015-03-25 22:37:57.000000000 +0800
+++ b/primenet.c	2017-03-01 21:56:26.874830280 +0800
@@ -222,7 +222,7 @@ void getProxyInfo (char *szProxyHost, unsigned short *nProxyPort, char *szProxyUser, char *szProxyPassword)
 	    (szProxyHost[3] == 'P' || szProxyHost[3] == 'p') &&
 	    szProxyHost[4] == ':' && szProxyHost[5] == '/' &&
 	    szProxyHost[6] == '/')
-		strcpy (szProxyHost, szProxyHost + 7);
+		safe_strcpy (szProxyHost, szProxyHost + 7);
 
 /* Get optional port number */
 
@@ -525,7 +525,7 @@ pnHttpServer (char *pbuf, unsigned cbuf, char* postargs)
 			    (location[3] == 'P' || location[3] == 'p') &&
 			    location[4] == ':' && location[5] == '/' &&
 			    location[6] == '/')
-				strcpy (location, location + 7);
+				safe_strcpy (location, location + 7);
 			con_host = location;
 
 /* Get optional port number */

Prime95 · 2017-03-01, 22:03

Fixed, thanks!

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
(Patch) Handling of SIGHUP and SIGPIPE (for mprime)	Explorer09	Software	2	2017-03-08 05:37
(patch) No need for fmt_mask[] buffer	Explorer09	Software	12	2015-09-23 22:22
(patch) IniWriteFloat should limit its field width	Explorer09	Software	0	2015-09-23 01:02
v1.40 patch for massive NFS oversieving	jasonp	Msieve	18	2009-04-09 03:20
Amd patch	moo	Hardware	6	2005-10-10 23:29

2017-03-01, 22:03	#2
Prime95 P90 years forever! Aug 2002 Yeehaw, FL 3⁵×31 Posts	Fixed, thanks!