From 49a0c1671a71a796ed4c794003e3bb96320e863c Mon Sep 17 00:00:00 2001
From: Andre Noll <maan@systemlinux.org>
Date: Wed, 31 Oct 2007 01:07:16 +0100
Subject: [PATCH] vss.c: Avoid strcpy() to a fixed-size buffer.

---
 aft.c | 5 +++--
 vss.c | 3 ++-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/aft.c b/aft.c
index f55bf847..f6631096 100644
--- a/aft.c
+++ b/aft.c
@@ -723,8 +723,9 @@ int open_and_update_audio_file(struct osl_row *aft_row, struct audio_file_data *
 	ret = get_attribute_text(&afd->afsi.attributes, " ", &tmp);
 	if (ret < 0)
 		goto err;
-	tmp[sizeof(afd->attributes_string) - 1] = '\0';
-	strcpy(afd->attributes_string, tmp); /* OK */
+	assert(tmp);
+	strncpy(afd->attributes_string, tmp, sizeof(afd->attributes_string));
+	afd->attributes_string[sizeof(afd->attributes_string) - 1] = '\0';
 	free(tmp);
 
 	aced.aft_row = aft_row;
diff --git a/vss.c b/vss.c
index ee63d103..4418c53a 100644
--- a/vss.c
+++ b/vss.c
@@ -198,7 +198,8 @@ static void vss_eof(void)
 	mmd->afd.afhi.chunk_table = NULL;
 	tmp  = make_message("%s:\n%s:\n%s:\n", status_item_list[SI_AUDIO_INFO1],
 		status_item_list[SI_AUDIO_INFO2], status_item_list[SI_AUDIO_INFO3]);
-	strcpy(mmd->afd.afhi.info_string, tmp);
+	strncpy(mmd->afd.afhi.info_string, tmp, sizeof(mmd->afd.afhi.info_string));
+	mmd->afd.afhi.info_string[sizeof(mmd->afd.afhi.info_string) - 1] = '\0';
 	free(tmp);
 	mmd->afd.path[0] = '\0';
 	mmd->afd.afsi.lyrics_id = 0;
-- 
2.39.5