Merge pull request #625 from 1ace/fix/buffer-overflow

Fix a couple potential buffer overflows

2 files changed, 4 insertions, 2 deletions

diff --git a/common/ipc-client.c b/common/ipc-client.c
index 93f2963c..997a87d1 100644
--- a/common/ipc-client.c
+++ b/common/ipc-client.c
@@ -32,7 +32,8 @@ int ipc_open_socket(const char *socket_path) {
                 sway_abort("Unable to open Unix socket");
         }
         addr.sun_family = AF_UNIX;
-        strcpy(addr.sun_path, socket_path);
+        strncpy(addr.sun_path, socket_path, sizeof(addr.sun_path));
+        addr.sun_path[sizeof(addr.sun_path) - 1] = 0;
         int l = sizeof(addr.sun_family) + strlen(addr.sun_path);
         if (connect(socketfd, (struct sockaddr *)&addr, l) == -1) {
                 sway_abort("Unable to connect to %s", socket_path);
diff --git a/sway/commands.c b/sway/commands.c
index 79591925..73e9ffaf 100644
--- a/sway/commands.c
+++ b/sway/commands.c
@@ -506,7 +506,8 @@ static struct cmd_results *cmd_exec_always(int argc, char **argv) {
 
         // Put argument into cmd array
         char cmd[4096];
-        strcpy(cmd, tmp);
+        strncpy(cmd, tmp, sizeof(cmd));
+        cmd[sizeof(cmd) - 1] = 0;
         free(tmp);
         sway_log(L_DEBUG, "Executing %s", cmd);