From 46627c05ad0feba0b5699e909eb13ef07cc7e366 Mon Sep 17 00:00:00 2001
From: Martin Matuska
Date: Wed, 7 Dec 2022 15:59:14 +0100
Subject: tests: silence CodeQL warning in tar/test_option_b

Use strncpy() and strncat() instead of strcpy() and strcat()
---
 tar/test/test_option_b.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/tar/test/test_option_b.c b/tar/test/test_option_b.c
index 0eee80d8..d1b75e35 100644
--- a/tar/test/test_option_b.c
+++ b/tar/test/test_option_b.c
@@ -30,15 +30,17 @@ __FBSDID("$FreeBSD$");
 DEFINE_TEST(test_option_b)
 {
 char *testprog_ustar;
+ size_t testprog_ustar_len;

 assertMakeFile("file1", 0644, "file1");
 if (systemf("cat file1 > test_cat.out 2> test_cat.err") != 0) {
 skipping("This test requires a `cat` program");
 return;
 }
- testprog_ustar = malloc(strlen(testprog) + sizeof(USTAR_OPT) + 1);
- strcpy(testprog_ustar, testprog);
- strcat(testprog_ustar, USTAR_OPT);
+ testprog_ustar_len = strlen(testprog) + sizeof(USTAR_OPT) + 1;
+ testprog_ustar = malloc(testprog_ustar_len);
+ strncpy(testprog_ustar, testprog, testprog_ustar_len);
+ strncat(testprog_ustar, USTAR_OPT, testprog_ustar_len);

 /*
 * Bsdtar does not pad if the output is going directly to a disk file.
-- 
cgit v1.2.1
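Review bot: The third argument of `strncat()` in the added lines is the maximum number of characters to append, not the size of the destination, so passing `testprog_ustar_len` bounds nothing; the write stays in range only because the buffer was sized from the same two strings one line earlier. The `malloc()` result is also passed to `strncpy()` without a NULL check. A single bounded call states the intent directly and should satisfy the analyzer as well: guard with `if (testprog_ustar == NULL) return;` (or the suite's own assertion helper, if it has one for this) and then `snprintf(testprog_ustar, testprog_ustar_len, "%s%s", testprog, USTAR_OPT);`. Since `sizeof(USTAR_OPT)` already counts the terminator, the `+ 1` in the length is spare, though harmless. The body of test_option_b continues past the end of the hunk, so where the buffer is freed cannot be checked from here.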