From 9a3a8a032e105f8682b32ebd6fa5a63e5ec5bb23 Mon Sep 17 00:00:00 2001
From: Danny Al-Gaaf
Date: Fri, 13 Mar 2015 13:50:04 +0100
Subject: [PATCH] blkdev.cc: fix STRING_OVERFLOW

Fix for: CID 1258439 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW) 2. fixed_size_dest: You might overrun the 4096 byte fixed-size string devname by copying dev + 5 without checking the length.

Signed-off-by: Danny Al-Gaaf
---
 src/common/blkdev.cc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/common/blkdev.cc b/src/common/blkdev.cc
index 70dde42010fbb..9bce803157841 100644
--- a/src/common/blkdev.cc
+++ b/src/common/blkdev.cc
@@ -57,7 +57,8 @@ int get_block_device_base(const char *dev, char *out, size_t out_len)
 if (strncmp(dev, "/dev/", 5) != 0)
 return -EINVAL;
 
- strcpy(devname, dev + 5);
+ strncpy(devname, dev + 5, PATH_MAX-1);
+ devname[PATH_MAX-1] = '\0';
 for (p = devname; *p; ++p)
 if (*p == '/')
 *p = '!';
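Review bot: The added `strncpy` plus manual terminator silently truncates a device name longer than `PATH_MAX-1` bytes instead of rejecting it, so the `/` to `!` loop and whatever lookup follows would run on a name the caller never passed. The function already returns `-EINVAL` for a bad prefix just above, so an explicit length check before the copy would be more consistent: `if (strlen(dev + 5) >= sizeof(devname)) return -ENAMETOOLONG;`. Using `sizeof(devname)` rather than repeating `PATH_MAX` would also keep the bound tied to the buffer, assuming `devname` is declared as an array; its declaration is outside the hunk, and only the commit message describes it as a 4096-byte fixed-size string. The body of get_block_device_base starts and ends outside this hunk.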