Removed possibility of buffer overflow by using g_strdup_printf instead of

2002-07-08  Mikael Hallendal  <micke@codefactory.se>

	* src/yelp-info.c:
	(yelp_info_read_info_dir): Removed possibility of buffer overflow
	  by using g_strdup_printf instead of strcpy. Fixes #87127. Thanks
	  to Laavanya K R for finding and proposing a solution.

2 files changed, 15 insertions, 8 deletions

diff --git a/ChangeLog b/ChangeLog
index b9c99687..6a5c089b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2002-07-08  Mikael Hallendal  <micke@codefactory.se>
+
+	* src/yelp-info.c:
+	(yelp_info_read_info_dir): Removed possibility of buffer overflow
+	  by using g_strdup_printf instead of strcpy. Fixes #87127. Thanks
+	  to Laavanya K R for finding and proposing a solution.
+
 2002-07-07  Glynn Foster  <glynn.foster@sun.com>
 
 	* yelp.desktop.in (X-GNOME-DocPath): 
diff --git a/src/yelp-info.c b/src/yelp-info.c
index 14c6bffc..86997862 100644
--- a/src/yelp-info.c
+++ b/src/yelp-info.c
@@ -58,7 +58,7 @@ yelp_info_read_info_dir (const char *basedir, GSList **info_list)
 
 	while ((dent = readdir (dirh))) {
 		char *ctmp = NULL;
-		char uribuf[128], titlebuf[128];
+		char *str_uri, *title;
 
 		if (dent->d_name[0] == '.') {
 			continue;
@@ -78,16 +78,16 @@ yelp_info_read_info_dir (const char *basedir, GSList **info_list)
 
 		*ctmp = '\0';
 
-		strcpy (titlebuf, dent->d_name);
-		strcat (titlebuf, " (info)");
+		title = g_strdup_printf ("%s (info)", dent->d_name);
 
-		g_snprintf (uribuf, sizeof (uribuf), "info:%s", dent->d_name);
-
-		uri = yelp_uri_new (uribuf);
+		str_uri = g_strdup_printf ("info:%s", dent->d_name);
+		uri = yelp_uri_new (str_uri);
+		g_free (str_uri);
 
 		section = yelp_section_new (YELP_SECTION_DOCUMENT,
-					    titlebuf, uri);
-
+					    title, uri);
+		g_free (title);
+		
 		yelp_uri_unref (uri);
 		
 		*info_list = g_slist_prepend (*info_list, section);