From 2a63478c4f47a55dc90ca95d19bf40bead803ea0 Mon Sep 17 00:00:00 2001
From: Bill King <bill.king@nokia.com>
Date: Fri, 11 Jun 2010 13:23:17 +1000
Subject: [PATCH] Coverity security fixes
---
src/libs/3rdparty/net7ssh/src/ne7ssh.cpp | 5 +++--
.../3rdparty/net7ssh/src/ne7ssh_string.cpp | 20 +++++++++++--------
2 files changed, 15 insertions(+), 10 deletions(-)
diff --git a/src/libs/3rdparty/net7ssh/src/ne7ssh.cpp b/src/libs/3rdparty/net7ssh/src/ne7ssh.cpp
index fee569089a3..21f5759e80c 100644
--- a/src/libs/3rdparty/net7ssh/src/ne7ssh.cpp
+++ b/src/libs/3rdparty/net7ssh/src/ne7ssh.cpp
@@ -656,8 +656,9 @@ char *ne7ssh::readAndReset(int channel, char *(*alloc)(size_t))
data = connections[i]->getReceived();
if (data.size())
{
- buffer = alloc(connections[i]->getReceived().size());
- strcpy(buffer, reinterpret_cast<char*>(connections[i]->getReceived().begin()));
+ Botan::SecureVector<Botan::byte>& received=connections[i]->getReceived();
+ buffer = alloc(received.size());
+ strncpy(buffer, reinterpret_cast<char*>(received.begin()), received.size());
connections[i]->resetReceiveBuffer();
}
break;
diff --git a/src/libs/3rdparty/net7ssh/src/ne7ssh_string.cpp b/src/libs/3rdparty/net7ssh/src/ne7ssh_string.cpp
index a5982d9a5bb..ef64f143206 100644
--- a/src/libs/3rdparty/net7ssh/src/ne7ssh_string.cpp
+++ b/src/libs/3rdparty/net7ssh/src/ne7ssh_string.cpp
@@ -69,14 +69,18 @@ bool ne7ssh_string::addFile (const char* filename)
fseek (FI, 0L, SEEK_END);
size = ftell (FI);
- rewind (FI);
-
- data = (Botan::byte*) malloc (size);
- fread (data, size, 1, FI);
- fclose (FI);
- buffer.append (data, (u32bit) size);
- free (data);
- return true;
+ if(size > 0) {
+ rewind (FI);
+
+ data = (Botan::byte*) malloc (size);
+ fread (data, size, 1, FI);
+ fclose (FI);
+ buffer.append (data, (u32bit) size);
+ free (data);
+ return true;
+ }
+ fclose(FI);
+ return false;
}
void ne7ssh_string::addBigInt (const Botan::BigInt& bn)
--
GitLab