# HG changeset patch # User Alex Gaynor <alex.gaynor@gmail.com> # Date 1595088510 14400 # Sat Jul 18 12:08:30 2020 -0400 # Node ID 687148398131fbc126475fb7fa2642f2d7287104 # Parent b08d955aff705c7254efb523be461d689aae038c Avoid passing the wrong size to strncpy - simply use strcpy (#5311) We have already validated that `p` is large enough to store `name`. In `strncpy` the `len` parameter should generally be the length of the target buffer, not the source buffer. diff --git a/src/_cffi_src/openssl/src/osrandom_engine.c b/src/_cffi_src/openssl/src/osrandom_engine.c --- a/src/_cffi_src/openssl/src/osrandom_engine.c +++ b/src/_cffi_src/openssl/src/osrandom_engine.c @@ -528,7 +528,7 @@ ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_INVALID_ARGUMENT); return 0; } - strncpy((char *)p, name, len); + strcpy((char *)p, name); return (int)len; default: ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);