fix coverity CID 95865: bail out nicely on too long font name

author: Pierre Joye <pierre.php@gmail.com> 2016-06-20 09:35:56 +0700
committer: Pierre Joye <pierre.php@gmail.com> 2016-06-20 09:35:56 +0700
commit: 77055bc4047e47402aa6b201a1d63bdba61dd54b (patch)
tree: 1c1f3b244e8e0853b5b7e5eafc07c3eda455a7a3 /src/annotate.c
parent: 2b7c36d0743f4b1908edb7cac6de9bfb72ff7376 (diff)
download: libgd-77055bc4047e47402aa6b201a1d63bdba61dd54b.tar.gz
1 files changed, 8 insertions, 3 deletions
diff --git a/src/annotate.c b/src/annotate.c
index c66e331..00aaf49 100644
--- a/src/annotate.c
+++ b/src/annotate.c
@@ -47,7 +47,7 @@ int main(int argc, char *argv[])
 		fprintf(stderr, "Standard input should consist of\n");
 		fprintf(stderr, "lines in the following formats:\n");
 		fprintf(stderr, "color r g b (0-255 each) [a (0-127, 0 is opaque)]\n");
-		fprintf(stderr, "font fontname\n");
+		fprintf(stderr, "font fontname (max name length 1024)\n");
 		fprintf(stderr, "size pointsize\n");
 		fprintf(stderr, "align (left|right|center)\n");
 		fprintf(stderr, "move x y\n");
@@ -98,9 +98,14 @@ int main(int argc, char *argv[])
 			char *st = strtok(0, " \t\r\n");
 			if(!st) {
 				goto badLine;
+			} else {
+				const unsigned int font_len = strlen(st);
+				if (font_len >= 1024) {
+					fprintf(stderr, "Font maximum length is 1024, %d given\n", font_len);
+					goto badLine;
+				}
+				strncpy(font, st, font_len);
 			}
-
-			strcpy(font, st);
 		} else if(!strcmp(st, "align")) {
 			char *st = strtok(0, " \t\r\n");
author	Pierre Joye <pierre.php@gmail.com>	2016-06-20 09:35:56 +0700
committer	Pierre Joye <pierre.php@gmail.com>	2016-06-20 09:35:56 +0700
commit	77055bc4047e47402aa6b201a1d63bdba61dd54b (patch)
tree	1c1f3b244e8e0853b5b7e5eafc07c3eda455a7a3 /src/annotate.c
parent	2b7c36d0743f4b1908edb7cac6de9bfb72ff7376 (diff)
download	libgd-77055bc4047e47402aa6b201a1d63bdba61dd54b.tar.gz