Use strncpy and strncat more safely

4 files changed, 7 insertions, 4 deletions

diff --git a/getabook.c b/getabook.c
index 81c1dfc..2712cc8 100644
--- a/getabook.c
+++ b/getabook.c
@@ -158,7 +158,8 @@ int main(int argc, char *argv[])
 		return 1;
 	}
 
-	strncpy(bookid, argv[argc-1], STRMAX);
+	strncpy(bookid, argv[argc-1], STRMAX-1);
+	bookid[STRMAX-1] = '\0';
 	bookdir = argv[argc-1];
 
 	pages = malloc(sizeof(*pages) * MAXPAGES);
diff --git a/getbnbook.c b/getbnbook.c
index 3b044d6..d228069 100644
--- a/getbnbook.c
+++ b/getbnbook.c
@@ -106,7 +106,8 @@ int main(int argc, char *argv[])
 		return 1;
 	}
 
-	strncpy(bookid, argv[argc-1], STRMAX);
+	strncpy(bookid, argv[argc-1], STRMAX-1);
+	bookid[STRMAX-1] = '\0';
 	bookdir = argv[argc-1];
 
 	/* get cookie */
diff --git a/getgbook.c b/getgbook.c
index 67bd1ca..660a1f6 100644
--- a/getgbook.c
+++ b/getgbook.c
@@ -187,7 +187,8 @@ int main(int argc, char *argv[])
 			free(tmp);
 	}
 
-	strncpy(bookid, argv[argc-1], STRMAX);
+	strncpy(bookid, argv[argc-1], STRMAX-1);
+	bookid[STRMAX-1] = '\0';
 	bookdir = argv[argc-1];
 
 	pages = malloc(sizeof(*pages) * MAXPAGES);
diff --git a/util.c b/util.c
index ade8613..41bbc3c 100644
--- a/util.c
+++ b/util.c
@@ -91,7 +91,7 @@ int get(char *host, char *path, char *sendcookie, char *savecookie, char **buf)
 	t2 = h;
 	if(savecookie != NULL) {
 		while((t2 = strstr(t2, "Set-Cookie: ")) && sscanf(t2, m, c)) {
-			strncat(savecookie, c, COOKIEMAX);
+			strncat(savecookie, c, COOKIEMAX - strlen(savecookie) - 1);
 			t2++;
 		}
 	}