From Mike Duigou

Safer handling for building address string for AT_STRINGZ and AT_URI.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16321 f5534014-38df-0310-8fa8-9805f1628bb7

diff --git a/epan/to_str.c b/epan/to_str.c
index 1c4ff2baa0d693341a40b1bf988d2fce25acedd3..b006548e1c7111fd98fb6c09745ebd0334ff4480 100644 (file)
--- a/epan/to_str.c
+++ b/epan/to_str.c
@@ -807,16 +807,18 @@ address_to_str_buf(const address *addr, gchar *buf, int buf_len)
     mtp3_addr_to_str_buf(addr->data, buf, buf_len);
     break;
   case AT_STRINGZ:
-    strcpy(buf, addr->data);
+    g_snprintf(buf, buf_len, "%s", addr->data);
     break;
   case AT_EUI64:
     g_snprintf(buf, buf_len, "%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x",
             addr->data[0], addr->data[1], addr->data[2], addr->data[3],
             addr->data[4], addr->data[5], addr->data[6], addr->data[7]);
     break;
-  case AT_URI:
-    memmove(buf, addr->data, addr->len);
-    buf[addr->len] = '\0';
+  case AT_URI: {
+    int copy_len = addr->len < buf_len ? addr->len : buf_len;
+    memmove(buf, addr->data, copy_len );
+    buf[copy_len] = '\0';
+    }
     break;
   default:
     g_assert_not_reached();