c++: Fix possible string truncation

diff --git a/libtest/has.cc b/libtest/has.cc
index 2d9abf6b4f26abd70a7a9920384caadc21128dda..0983f070301f6668f7ae97d5d3a4f8657ae6eded 100644 (file)
--- a/libtest/has.cc
+++ b/libtest/has.cc
@@ -165,7 +165,7 @@ static void initialize_memcached_binary_path()
 
     if (access(arg_buffer.str().c_str(), X_OK) == 0)
     {
-      strncpy(memcached_binary_path, arg_buffer.str().c_str(), FILENAME_MAX);
+      strncpy(memcached_binary_path, arg_buffer.str().c_str(), FILENAME_MAX-1);
     }
   }
 #endif

diff --git a/libtest/socket.cc b/libtest/socket.cc
index 76ac5bf12b78c9bc7c9a0e1a01671e609e0cb229..9e06841ac9abe2de3b64f7ee69c4a699ad863959 100644 (file)
--- a/libtest/socket.cc
+++ b/libtest/socket.cc
@@ -55,7 +55,7 @@ void set_default_socket(const char *socket)
 {
   if (socket)
   {
-    strncpy(global_socket, socket, strlen(socket));
+    strncpy(global_socket, socket, sizeof(global_socket)-1);
   }
 }
 

diff --git a/tests/libmemcached-1.0/mem_functions.cc b/tests/libmemcached-1.0/mem_functions.cc
index 0e6bcb7f7083aff39edd2e25683fcf7b9d567559..8b2dc606f08f850c5e04894ef8e2f2fca497e598 100644 (file)
--- a/tests/libmemcached-1.0/mem_functions.cc
+++ b/tests/libmemcached-1.0/mem_functions.cc
@@ -4166,7 +4166,7 @@ test_return_t regression_bug_442914(memcached_st *original_memc)
 
   for (uint32_t x= 0; x < 250; ++x)
   {
-    char key[250];
+    char key[251];
     size_t len= (size_t)snprintf(key, sizeof(key), "%0250u", x);
     memcached_return_t rc= memcached_delete(memc, key, len, 0);
     char error_buffer[2048]= { 0 };
@@ -4176,7 +4176,7 @@ test_return_t regression_bug_442914(memcached_st *original_memc)
 
   // Delete, and then delete again to look for not found
   {
-    char key[250];
+    char key[251];
     size_t len= snprintf(key, sizeof(key), "%037u", 251U);
     memcached_return_t rc= memcached_delete(memc, key, len, 0);
     test_true(rc == MEMCACHED_SUCCESS or rc == MEMCACHED_BUFFERED);