From afa00abb2b68205bee539d7947130d6b1b1ec6e9 Mon Sep 17 00:00:00 2001
From: Marvin Borner
Date: Thu, 1 Apr 2021 19:39:14 +0200
Subject: Hardened entire system

By using the nonnull attribute and replace buffer-overflow-prone
functions like strcpy, strcat and sprintf by strlcpy, strlcat and
snprintf.
---
 libs/libgui/msg.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

(limited to 'libs/libgui/msg.c')

diff --git a/libs/libgui/msg.c b/libs/libgui/msg.c
index 73af242..051072e 100644
--- a/libs/libgui/msg.c
+++ b/libs/libgui/msg.c
@@ -8,11 +8,9 @@
 
 res msg_send(u32 pid, enum message_type type, void *data, u32 size)
 {
-	if (!data)
-		return -EFAULT;
 	assert((signed)pid != -1 && size >= sizeof(struct message_header));
 	char path[32] = { 0 };
-	sprintf(path, "/proc/%d/msg", pid);
+	snprintf(path, sizeof(path), "/proc/%d/msg", pid);
 	struct message_header *header = data;
 	header->magic = MSG_MAGIC;
 	header->src = getpid();
-- 
cgit v1.2.3