From 2c3a332d522d0fa9400fa7e51a0bb32d9ed2b68f Mon Sep 17 00:00:00 2001
From: Claudiu Olteanu <claudiu@140774ce-b5e7-0310-ab8b-a85725594a96>
Date: Fri, 28 Mar 2014 21:41:12 +0000
Subject: [PATCH] Fixed the overflow problems reported in issue 3350

---
 src/transport/gnunet-helper-transport-bluetooth.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/transport/gnunet-helper-transport-bluetooth.c b/src/transport/gnunet-helper-transport-bluetooth.c
index 3f32edc45..8ccfe6377 100644
--- a/src/transport/gnunet-helper-transport-bluetooth.c
+++ b/src/transport/gnunet-helper-transport-bluetooth.c
@@ -96,6 +96,11 @@
     }
 #endif
 
+/**
+ * In bluez library, the maximum name length of a device is 8
+ */
+#define BLUEZ_DEVNAME_SIZE  8
+
 /**
  * struct for storing the information of the hardware.  There is only
  * one of these.
@@ -1156,7 +1161,7 @@ open_device (struct HardwareInfos *dev)
 
       memset (&dev_info, 0, sizeof(struct hci_dev_info));
       dev_info.dev_id = request.dev[i].dev_id;
-      strncpy (dev_info.name, dev->iface, IFNAMSIZ);
+      strncpy (dev_info.name, dev->iface, BLUEZ_DEVNAME_SIZE);
 
       if (ioctl (fd_hci, HCIGETDEVINFO, (void *) &dev_info))
       {
@@ -1165,7 +1170,7 @@ open_device (struct HardwareInfos *dev)
         return 1;
       }
 
-      if (strcmp (dev_info.name, dev->iface) == 0)
+      if (strncmp (dev_info.name, dev->iface, BLUEZ_DEVNAME_SIZE) == 0)
       {
 
         dev_id = dev_info.dev_id; //the device was found
-- 
2.25.1