From: Holger Schemel <info@artsoft.org>
Date: Fri, 24 Sep 2021 14:07:20 +0000 (+0200)
Subject: improved robustness of client/server encoding functions
X-Git-Tag: 4.3.0.0~43
X-Git-Url: https://git.artsoft.org/?p=rocksndiamonds.git;a=commitdiff_plain;h=97b1e9813e532b9065a841f2d185d632df19bf7a

improved robustness of client/server encoding functions
---

diff --git a/src/libgame/http.c b/src/libgame/http.c
index f677d71c..b494ac42 100644
--- a/src/libgame/http.c
+++ b/src/libgame/http.c
@@ -37,7 +37,9 @@ void ConvertHttpRequestBodyToServerEncoding(struct HttpRequest *request)
 {
   char *body_utf8 = getUTF8FromLatin1(request->body);
 
-  strcpy(request->body, body_utf8);
+  strncpy(request->body, body_utf8, MAX_HTTP_BODY_SIZE);
+  request->body[MAX_HTTP_BODY_SIZE] = '\0';
+
   checked_free(body_utf8);
 }
 
@@ -45,10 +47,12 @@ void ConvertHttpResponseBodyToClientEncoding(struct HttpResponse *response)
 {
   char *body_latin1 = getLatin1FromUTF8(response->body);
 
-  strcpy(response->body, body_latin1);
-  checked_free(body_latin1);
+  strncpy(response->body, body_latin1, MAX_HTTP_BODY_SIZE);
+  response->body[MAX_HTTP_BODY_SIZE] = '\0';
 
   response->body_size = strlen(response->body);
+
+  checked_free(body_latin1);
 }
 
 static void SetHttpResponseToDefaults(struct HttpResponse *response)