From a660177a6e24527b97172d242a6e40f9c41fb6c1 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@cryptomilk.org>
Date: Mon, 8 Oct 2012 21:42:17 +0200
Subject: misc: Use strncpy instead of strcat.

This is just hardening the code.

Found by Coverity.
---
 src/misc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/misc.c b/src/misc.c
index fab3a92..14ca616 100644
--- a/src/misc.c
+++ b/src/misc.c
@@ -777,7 +777,7 @@ char *ssh_path_expand_escape(ssh_session session, const char *s) {
             return NULL;
         }
         l = strlen(buf);
-        strcat(buf + l, x);
+        strncpy(buf + l, x, sizeof(buf) - l - 1);
         buf[i] = '\0';
         SAFE_FREE(x);
     }
-- 
cgit