improved robustness of client/server encoding functions

diff --git a/src/libgame/http.c b/src/libgame/http.c
index f677d71c795ffcb66815eba52ecd4a8dd7335878..b494ac42bd9d57d04bf84f14ed3d6189ef35c305 100644 (file)
--- a/src/libgame/http.c
+++ b/src/libgame/http.c
@@ -37,7 +37,9 @@ void ConvertHttpRequestBodyToServerEncoding(struct HttpRequest *request)
 {
   char *body_utf8 = getUTF8FromLatin1(request->body);
 
-  strcpy(request->body, body_utf8);
+  strncpy(request->body, body_utf8, MAX_HTTP_BODY_SIZE);
+  request->body[MAX_HTTP_BODY_SIZE] = '\0';
+
   checked_free(body_utf8);
 }
 
@@ -45,10 +47,12 @@ void ConvertHttpResponseBodyToClientEncoding(struct HttpResponse *response)
 {
   char *body_latin1 = getLatin1FromUTF8(response->body);
 
-  strcpy(response->body, body_latin1);
-  checked_free(body_latin1);
+  strncpy(response->body, body_latin1, MAX_HTTP_BODY_SIZE);
+  response->body[MAX_HTTP_BODY_SIZE] = '\0';
 
   response->body_size = strlen(response->body);
+
+  checked_free(body_latin1);
 }
 
 static void SetHttpResponseToDefaults(struct HttpResponse *response)