libDtSearch/dtsrapi.c: Coverity CID 86857; dest buf too small

author Jon Trulson <jon@radscan.com>

Mon, 2 Apr 2018 22:37:40 +0000 (16:37 -0600)

committer Jon Trulson <jon@radscan.com>

Mon, 2 Apr 2018 23:02:16 +0000 (17:02 -0600)
author Jon Trulson <jon@radscan.com>
Mon, 2 Apr 2018 22:37:40 +0000 (16:37 -0600)
committer Jon Trulson <jon@radscan.com>
Mon, 2 Apr 2018 23:02:16 +0000 (17:02 -0600)
diff --git a/cde/lib/DtSearch/dtsrapi.c b/cde/lib/DtSearch/dtsrapi.c

index d16e7e66b2bf138449b8102799c62d4405651584..ae09523fd9090e167b727c22d46cd4600efd4cbb 100644 (file)
--- a/cde/lib/DtSearch/dtsrapi.c
+++ b/cde/lib/DtSearch/dtsrapi.c
@@ -543,7 +543,8 @@ int             DtSearchQuery (
      LLIST          *llp;
      enum { TEXT, NAVSTRING, FZKEYI }
                      qryarg;
-    char            date1str[24];
+# define _DATE1STR_LEN (24)
+    char            date1str[_DATE1STR_LEN];
  
      if (!valid_dbname (dbname))
         return DtSrREINIT;
@@ -621,7 +622,8 @@ QUERY_ERROR:
             *ptr++ = ' ';
         }
         *(--ptr) = 0;
-       strcpy (date1str, objdate2fzkstr (usrblk.objdate1));
+       strncpy(date1str, objdate2fzkstr (usrblk.objdate1), _DATE1STR_LEN);
+        date1str[_DATE1STR_LEN - 1] = 0;
         fprintf (aa_stderr,
             PROGNAME "353 DtSearchQuery(): dbname='%s' srchtype='%c'\n"
             "  maxhits=%d keytypes='%s'\n"
author	Jon Trulson <jon@radscan.com>
	Mon, 2 Apr 2018 22:37:40 +0000 (16:37 -0600)
committer	Jon Trulson <jon@radscan.com>
	Mon, 2 Apr 2018 23:02:16 +0000 (17:02 -0600)