lib: remove the final strncpy() calls

wolfssl: use strcpy() as the target buffer is > 40 bytes gethostname: return failure if the buffer is too small instead Closes #14830
2025-02-17 14:59:45 +08:00 · 2024-09-09 09:09:46 +02:00 · 2024-09-09 09:09:46 +02:00 · 344a177aac
commit 344a177aac
parent eb8ad66f6c
2 changed files with 7 additions and 4 deletions
--- a/lib/curl_gethostname.c
+++ b/lib/curl_gethostname.c
@ -59,7 +59,10 @@ int Curl_gethostname(char * const name, GETHOSTNAME_TYPE_ARG2 namelen)
  /* Override hostname when environment variable CURL_GETHOSTNAME is set */
  const char *force_hostname = getenv("CURL_GETHOSTNAME");
  if(force_hostname) {
-    strncpy(name, force_hostname, namelen - 1);
+    if(strlen(force_hostname) < (size_t)namelen)
+      strcpy(name, force_hostname);
+    else
+      return 1; /* can't do it */
    err = 0;
  }
  else {
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@ -1176,15 +1176,15 @@ wolfssl_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
 static char *wolfssl_strerror(unsigned long error, char *buf,
                              unsigned long size)
 {
-  DEBUGASSERT(size);
+  DEBUGASSERT(size > 40);
  *buf = '\0';

  wolfSSL_ERR_error_string_n(error, buf, size);

  if(!*buf) {
    const char *msg = error ? "Unknown error" : "No error";
-    strncpy(buf, msg, size - 1);
-    buf[size - 1] = '\0';
+    /* the string fits because the assert above assures this */
+    strcpy(buf, msg);
  }

  return buf;