FileUtils.c: fix CERT VU#575804

diff --git a/cde/lib/DtHelp/FileUtils.c b/cde/lib/DtHelp/FileUtils.c
index fde078e182cb878aee8fbb56d7f10d4ac39e72cd..371948d2e3eb810c488361292e11284f5fa1fd9d 100644 (file)
--- a/cde/lib/DtHelp/FileUtils.c
+++ b/cde/lib/DtHelp/FileUtils.c
@@ -453,8 +453,9 @@ char * _DtHelpFileLocate (
        /*** this is monstrously inefficient--but it shouldn't get called often ***/
 
        /* get user's current working directory */
-       if (getcwd(tmpPath, MAXPATHLEN) == NULL) return NULL; /* RETURN: error */
-
+       /* JET - CERT VU#575804 */
+       if (getcwd(tmpPath, MAXPATHLEN - 1) == NULL) return NULL; /* RETURN: error */
+       
        /* make path end in a slash */
        eos = tmpPath + strlen(tmpPath);
        _DtHelpCeStrrchr(tmpPath,DirSlashStr,MB_CUR_MAX,&slash);
@@ -530,7 +531,9 @@ char * _DtHelpFileLocate (
              *ptr = EOS;
 
           /* compress that path */
-          strcpy(tmpPath,curPath);
+          /* JET - CERT VU#575804 */
+          strncpy(tmpPath, curPath, MAXPATHLEN);
+
           _DtHelpCeCompressPathname(tmpPath);
 
           /* test all suffixes */