diff -Nur a/core/cfg/cfg.cpp b/core/cfg/cfg.cpp --- a/core/cfg/cfg.cpp 2016-05-18 07:26:31.884806485 -0300 +++ b/core/cfg/cfg.cpp 2016-05-18 08:14:04.874168496 -0300 @@ -128,7 +128,8 @@ void cfgLoadStr(const wchar * Section, const wchar * Key, wchar * Return,const wchar* Default) { string value = cfgdb.get(Section, Key, Default); - strcpy(Return, value.c_str()); + strncpy(Return, value.c_str(), sizeof(Return)); + Return[sizeof(Return) - 1] = '\0'; } string cfgLoadStr(const wchar * Section, const wchar * Key, const wchar* Default) diff -Nur a/core/cfg/ini.cpp b/core/cfg/ini.cpp --- a/core/cfg/ini.cpp 2016-05-18 07:26:31.884806485 -0300 +++ b/core/cfg/ini.cpp 2016-05-18 08:12:22.452503951 -0300 @@ -221,7 +221,8 @@ if (tl[0] == '[' && tl[strlen(tl)-1] == ']') { tl[strlen(tl)-1] = '\0'; - strcpy(current_section, tl+1); + strncpy(current_section, tl+1, sizeof(current_section)); + current_section[sizeof(current_section) - 1] = '\0'; trim_ws(current_section); } else diff -Nur a/core/deps/libwebsocket/client.c b/core/deps/libwebsocket/client.c --- a/core/deps/libwebsocket/client.c 2016-05-18 07:26:31.928140639 -0300 +++ b/core/deps/libwebsocket/client.c 2016-05-18 08:29:26.276930099 -0300 @@ -871,7 +871,8 @@ lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_HOST)); p += sprintf(p, "Upgrade: websocket\x0d\x0a""Connection: Upgrade\x0d\x0a""Sec-WebSocket-Key: "); - strcpy(p, key_b64); + strncpy(p, key_b64, sizeof(p)); + p[sizeof(p) - 1] = '\0'; p += strlen(key_b64); p += sprintf(p, "\x0d\x0a"); if (lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ORIGIN)) diff -Nur a/core/deps/libwebsocket/context.c b/core/deps/libwebsocket/context.c --- a/core/deps/libwebsocket/context.c 2016-05-18 07:26:31.928140639 -0300 +++ b/core/deps/libwebsocket/context.c 2016-05-18 08:23:42.720827986 -0300 @@ -167,7 +167,8 @@ context->user_space = info->user; - strcpy(context->canonical_hostname, "unknown"); + strncpy(context->canonical_hostname, "unknown", sizeof(context->canonical_hostname)); + context->canonical_hostname[sizeof(context->canonical_hostname) - 1] = '\0'; lws_server_get_canonical_hostname(context, info); diff -Nur a/core/deps/libwebsocket/libwebsockets.c b/core/deps/libwebsocket/libwebsockets.c --- a/core/deps/libwebsocket/libwebsockets.c 2016-05-18 07:26:31.928140639 -0300 +++ b/core/deps/libwebsocket/libwebsockets.c 2016-05-18 08:25:22.529251490 -0300 @@ -526,7 +526,8 @@ if (u - wsi->latency_start > context->worst_latency) { context->worst_latency = u - wsi->latency_start; - strcpy(context->worst_latency_info, buf); + strncpy(context->worst_latency_info, buf, sizeof(context->worst_latency_info)); + context->worst_latency_info[sizeof(context->worst_latency_info) - 1] = '\0'; } lwsl_latency("%s", buf); } diff -Nur a/core/deps/libwebsocket/parsers.c b/core/deps/libwebsocket/parsers.c --- a/core/deps/libwebsocket/parsers.c 2016-05-18 07:26:31.931474036 -0300 +++ b/core/deps/libwebsocket/parsers.c 2016-05-18 08:27:14.004563720 -0300 @@ -99,8 +99,9 @@ return 0; do { - strcpy(dest, - &wsi->u.hdr.ah->data[wsi->u.hdr.ah->frags[n].offset]); + strncpy(dest, + &wsi->u.hdr.ah->data[wsi->u.hdr.ah->frags[n].offset], sizeof(dest)); + dest[sizeof(dest) - 1] = '\0'; dest += wsi->u.hdr.ah->frags[n].len; n = wsi->u.hdr.ah->frags[n].next_frag_index; } while (n); diff -Nur a/core/deps/libwebsocket/server-handshake.c b/core/deps/libwebsocket/server-handshake.c --- a/core/deps/libwebsocket/server-handshake.c 2016-05-18 07:26:31.934807432 -0300 +++ b/core/deps/libwebsocket/server-handshake.c 2016-05-18 09:05:43.379609693 -0300 @@ -21,7 +21,7 @@ #include "private-libwebsockets.h" -#define LWS_CPYAPP(ptr, str) { strcpy(ptr, str); ptr += strlen(str); } +#define LWS_CPYAPP(ptr, str) { strncpy(ptr, str, sizeof(ptr)); ptr[sizeof(ptr) - 1] = '\0'; ptr += strlen(str); } #ifndef LWS_NO_EXTENSIONS LWS_VISIBLE int lws_extension_server_handshake(struct libwebsocket_context *context, @@ -212,7 +212,8 @@ "Upgrade: WebSocket\x0d\x0a" "Connection: Upgrade\x0d\x0a" "Sec-WebSocket-Accept: "); - strcpy(p, (char *)context->service_buffer); + strncpy(p, (char *)context->service_buffer, sizeof(p)); + p[sizeof(p) - 1] = '\0'; p += accept_len; if (lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL)) { diff -Nur a/core/deps/libzip/zip_add_dir.c b/core/deps/libzip/zip_add_dir.c --- a/core/deps/libzip/zip_add_dir.c 2016-05-18 07:26:31.938140829 -0300 +++ b/core/deps/libzip/zip_add_dir.c 2016-05-18 08:21:20.351686144 -0300 @@ -60,7 +60,8 @@ _zip_error_set(&za->error, ZIP_ER_MEMORY, 0); return -1; } - strcpy(s, name); + strncpy(s, name, sizeof(s)); + s[sizeof(s) - 1] = '\0'; s[len] = '/'; s[len+1] = '\0'; } diff -Nur a/core/deps/zlib/gzlib.c b/core/deps/zlib/gzlib.c --- a/core/deps/zlib/gzlib.c 2016-05-18 07:26:31.958141208 -0300 +++ b/core/deps/zlib/gzlib.c 2016-05-18 08:10:37.647202679 -0300 @@ -213,7 +213,8 @@ #if !defined(NO_snprintf) && !defined(NO_vsnprintf) snprintf(state->path, len + 1, "%s", (const char *)path); #else - strcpy(state->path, path); + strncpy(state->path, path, sizeof(state->path)); + state->path[sizeof(state->path) - 1] = '\0'; #endif /* compute the flags for open() */ @@ -607,7 +608,8 @@ snprintf(state->msg, strlen(state->path) + strlen(msg) + 3, "%s%s%s", state->path, ": ", msg); #else - strcpy(state->msg, state->path); + strncpy(state->msg, state->path, sizeof(state->msg)); + state->msg[sizeof(state->msg) - 1] = '\0'; strcat(state->msg, ": "); strcat(state->msg, msg); #endif diff -Nur a/core/hw/flashrom/flashrom.h b/core/hw/flashrom/flashrom.h --- a/core/hw/flashrom/flashrom.h 2016-05-18 07:26:31.978141586 -0300 +++ b/core/hw/flashrom/flashrom.h 2016-05-18 07:40:53.826766511 -0300 @@ -63,7 +63,8 @@ wchar base[512]; wchar temp[512]; wchar names[512]; - strcpy(names,names_ro.c_str()); + strncpy(names,names_ro.c_str(),sizeof(names)); + names[sizeof(names) - 1] = '\0'; sprintf(base,"%s",root.c_str()); wchar* curr=names; diff -Nur a/core/hw/naomi/naomi_cart.cpp b/core/hw/naomi/naomi_cart.cpp --- a/core/hw/naomi/naomi_cart.cpp 2016-05-18 07:26:31.988141776 -0300 +++ b/core/hw/naomi/naomi_cart.cpp 2016-05-18 07:38:20.557239856 -0300 @@ -33,7 +33,8 @@ folder_pos++; char t[512]; - strcpy(t, file); + strncpy(t, file, sizeof(t)); + t[sizeof(t) - 1] = '\0'; FILE* fl = fopen(t, "r"); if (!fl) return false; @@ -92,7 +93,8 @@ RomCacheMapCount = (u32)files.size(); RomCacheMap = new fd_t[files.size()]; - strcpy(t, file); + strncpy(t, file, sizeof(t)); + t[sizeof(t) - 1] = '\0'; t[folder_pos] = 0; strcat(t, "ndcn-composed.cache"); @@ -106,7 +108,8 @@ verify(RomPtr != 0); verify(RomPtr != (void*)-1); - strcpy(t, file); + strncpy(t, file, sizeof(t)); + t[sizeof(t) - 1] = '\0'; //Create File Mapping Objects for (size_t i = 0; i2) { @@ -87,7 +88,8 @@ if (SSIZE!=0) { - strcpy(pathptr, track_filename.c_str()); + strncpy(pathptr, track_filename.c_str(),sizeof(pathptr)); + pathptr[sizeof(pathptr) - 1] = '\0'; t.file = new RawTrackFile(core_fopen(path),OFFSET,t.StartFAD,SSIZE); } disc->tracks.push_back(t); diff -Nur a/core/nullDC.cpp b/core/nullDC.cpp --- a/core/nullDC.cpp 2016-05-18 07:26:32.041476119 -0300 +++ b/core/nullDC.cpp 2016-05-18 08:06:38.942720450 -0300 @@ -62,7 +62,8 @@ if (GetOpenFileNameA(&ofn)) { //already there - //strcpy(szFileName,ofn.lpstrFile); + //strncpy(szFileName,ofn.lpstrFile,sizeof(szFileName)); + //szFileName[sizeof(szFileName) - 1] = '\0'; } #endif } diff -Nur a/core/webui/server.cpp b/core/webui/server.cpp --- a/core/webui/server.cpp 2016-05-18 07:26:32.061476498 -0300 +++ b/core/webui/server.cpp 2016-05-18 07:46:18.756291583 -0300 @@ -288,7 +288,8 @@ } /* if not, send a file the easy way */ - strcpy(buf, resource_path); + strncpy(buf, resource_path, sizeof(buf)); + buf[sizeof(buf) - 1] = '\0'; if (strcmp((const char*)in, "/")) { if (*((const char *)in) != '/') strcat(buf, "/"); diff -Nur a/shell/android/jni/src/Android.cpp b/shell/android/jni/src/Android.cpp --- a/shell/android/jni/src/Android.cpp 2016-05-18 07:26:32.144811409 -0300 +++ b/shell/android/jni/src/Android.cpp 2016-05-18 08:20:01.230329866 -0300 @@ -206,7 +206,8 @@ if(Args[2]) { - strcpy(Args[2],"config:image="); + strncpy(Args[2],"config:image=",sizeof(Args[2])); + Args[2][sizeof(Args[2]) - 1] = '\0'; strcat(Args[2],P); } diff -Nur a/shell/linux-deps/include/X11/Xos_r.h b/shell/linux-deps/include/X11/Xos_r.h --- a/shell/linux-deps/include/X11/Xos_r.h 2016-05-18 07:26:32.328148215 -0300 +++ b/shell/linux-deps/include/X11/Xos_r.h 2016-05-18 09:04:54.728728985 -0300 @@ -255,27 +255,33 @@ (p).pws.pw_name = (p).pwbuf; (p).len = strlen((p).pwp->pw_name); - strcpy((p).pws.pw_name, (p).pwp->pw_name); + strncpy((p).pws.pw_name, (p).pwp->pw_name, sizeof((p).pws.pw_name)); + (p).pws.pw_name[sizeof((p).pws.pw_name) - 1] = '\0'; (p).pws.pw_passwd = (p).pws.pw_name + (p).len + 1; (p).len = strlen((p).pwp->pw_passwd); - strcpy((p).pws.pw_passwd,(p).pwp->pw_passwd); + strncpy((p).pws.pw_passwd,(p).pwp->pw_passwd, sizeof((p).pws.pw_passwd)); + (p).pws.pw_passwd[sizeof((p).pws.pw_passwd) - 1] = '\0'; (p).pws.pw_class = (p).pws.pw_passwd + (p).len + 1; (p).len = strlen((p).pwp->pw_class); - strcpy((p).pws.pw_class, (p).pwp->pw_class); + strncpy((p).pws.pw_class, (p).pwp->pw_class, sizeof((p).pws.pw_class)); + (p).pws.pw_class[sizeof((p).pws.pw_class) - 1] = '\0'; (p).pws.pw_gecos = (p).pws.pw_class + (p).len + 1; (p).len = strlen((p).pwp->pw_gecos); - strcpy((p).pws.pw_gecos, (p).pwp->pw_gecos); + strncpy((p).pws.pw_gecos, (p).pwp->pw_gecos, sizeof((p).pws.pw_gecos)); + (p).pws.pw_gecos[sizeof((p).pws.pw_gecos) - 1] = '\0'; (p).pws.pw_dir = (p).pws.pw_gecos + (p).len + 1; (p).len = strlen((p).pwp->pw_dir); - strcpy((p).pws.pw_dir, (p).pwp->pw_dir); + strncpy((p).pws.pw_dir, (p).pwp->pw_dir, sizeof((p).pws.pw_dir)); + (p).pws.pw_dir[sizeof((p).pws.pw_dir) - 1] = '\0'; (p).pws.pw_shell = (p).pws.pw_dir + (p).len + 1; (p).len = strlen((p).pwp->pw_shell); - strcpy((p).pws.pw_shell, (p).pwp->pw_shell); + strncpy((p).pws.pw_shell, (p).pwp->pw_shell, sizeof((p).pws.pw_shell)); + (p).pws.pw_shell[sizeof((p).pws.pw_shell) - 1] = '\0'; (p).pwp = &(p).pws; } @@ -285,25 +291,32 @@ (memcpy(&(p).pws, (p).pwp, sizeof(struct passwd)), \ ((p).pws.pw_name = (p).pwbuf), \ ((p).len = strlen((p).pwp->pw_name)), \ - strcpy((p).pws.pw_name, (p).pwp->pw_name), \ + strncpy((p).pws.pw_name, (p).pwp->pw_name, sizeof((p).pws.pw_name)), \ + (p).pws.pw_name[sizeof((p).pws.pw_name) - 1] = '\0', \ ((p).pws.pw_passwd = (p).pws.pw_name + (p).len + 1), \ ((p).len = strlen((p).pwp->pw_passwd)), \ - strcpy((p).pws.pw_passwd,(p).pwp->pw_passwd), \ + strncpy((p).pws.pw_passwd,(p).pwp->pw_passwd, sizeof((p).pws.pw_passwd)), \ + (p).pws.pw_passwd[sizeof((p).pws.pw_passwd) - 1] = '\0', \ ((p).pws.pw_age = (p).pws.pw_passwd + (p).len + 1), \ ((p).len = strlen((p).pwp->pw_age)), \ - strcpy((p).pws.pw_age, (p).pwp->pw_age), \ + strncpy((p).pws.pw_age, (p).pwp->pw_age, sizeof((p).pws.pw_age)), \ + (p).pws.pw_age[sizeof((p).pws.pw_age) - 1] = '\0', \ ((p).pws.pw_comment = (p).pws.pw_age + (p).len + 1), \ ((p).len = strlen((p).pwp->pw_comment)), \ - strcpy((p).pws.pw_comment, (p).pwp->pw_comment), \ + strncpy((p).pws.pw_comment, (p).pwp->pw_comment, sizeof((p).pws.pw_comment)), \ + (p).pws.pw_comment[sizeof((p).pws.pw_comment) - 1] = '\0', \ ((p).pws.pw_gecos = (p).pws.pw_comment + (p).len + 1), \ ((p).len = strlen((p).pwp->pw_gecos)), \ - strcpy((p).pws.pw_gecos, (p).pwp->pw_gecos), \ + strncpy((p).pws.pw_gecos, (p).pwp->pw_gecos, sizeof((p).pws.pw_gecos)), \ + (p).pws.pw_gecos[sizeof((p).pws.pw_gecos) - 1] = '\0', \ ((p).pws.pw_dir = (p).pws.pw_comment + (p).len + 1), \ ((p).len = strlen((p).pwp->pw_dir)), \ - strcpy((p).pws.pw_dir, (p).pwp->pw_dir), \ + strncpy((p).pws.pw_dir, (p).pwp->pw_dir, sizeof((p).pws.pw_dir)), \ + (p).pws.pw_dir[sizeof((p).pws.pw_dir) - 1] = '\0', \ ((p).pws.pw_shell = (p).pws.pw_dir + (p).len + 1), \ - ((p).len = strlen((p).pwp->pw_shell)), \ - strcpy((p).pws.pw_shell, (p).pwp->pw_shell), \ + ((p).len = strlen((p).pwp->pw_shell), \ + strncpy((p).pws.pw_shell, (p).pwp->pw_shell, sizeof((p).pws.pw_shell)), \ + (p).pws.pw_shell[sizeof((p).pws.pw_shell) - 1] = '\0', \ ((p).pwp = &(p).pws), \ 0 ) #endif @@ -423,15 +436,18 @@ # define _Xg_copyHostent(hp) \ (memcpy(&(hp).hent, (hp).hptr, sizeof(struct hostent)), \ - strcpy((hp).h_name, (hp).hptr->h_name), \ + strncpy((hp).h_name, (hp).hptr->h_name, sizeof((hp).h_name)), \ + (hp).h_name[sizeof((hp).h_name) - 1] = '\0', \ ((hp).hent.h_name = (hp).h_name), \ ((hp).hptr = &(hp).hent), \ 0 ) # define _Xg_copyServent(sp) \ (memcpy(&(sp).sent, (sp).sptr, sizeof(struct servent)), \ - strcpy((sp).s_name, (sp).sptr->s_name), \ + strncpy((sp).s_name, (sp).sptr->s_name, sizeof((sp).s_name)), \ + (sp).s_name[sizeof((sp).s_name) - 1] = '\0', \ ((sp).sent.s_name = (sp).s_name), \ - strcpy((sp).s_proto, (sp).sptr->s_proto), \ + strncpy((sp).s_proto, (sp).sptr->s_proto, sizeof((sp).s_proto)), \ + (sp).s_proto[sizeof((sp).s_proto) - 1] = '\0', \ ((sp).sent.s_proto = (sp).s_proto), \ ((sp).sptr = &(sp).sent), \ 0 ) @@ -1015,7 +1031,8 @@ ( memcpy(&(p).grp, (p).pgrp, sizeof(struct group)), \ ((p).grp.gr_name = (p).buf), \ ((p).len = strlen((p).pgrp->gr_name)), \ - strcpy((p).grp.gr_name, (p).pgrp->gr_name), \ + strncpy((p).grp.gr_name, (p).pgrp->gr_name, sizeof((p).grp.gr_name)), \ + (p).grp.gr_name[sizeof((p).grp.gr_name) - 1] = '\0', \ ((p).grp.gr_passwd = (p).grp.gr_name + (p).len + 1), \ ((p).pgrp = &(p).grp), \ 0 ) @@ -1023,7 +1040,8 @@ # define _Xgrp_copyGroup(p) \ ( memcpy(&(p).grp, (p).pgrp, sizeof(struct group)), \ ((p).grp.gr_name = (p).buf), \ - strcpy((p).grp.gr_name, (p).pgrp->gr_name), \ + strncpy((p).grp.gr_name, (p).pgrp->gr_name, sizeof((p).grp.gr_name)), \ + (p).grp.gr_name[sizeof((p).grp.gr_name) - 1] = '\0', \ ((p).pgrp = &(p).grp), \ 0 ) #endif diff -Nur a/shell/linux-deps/include/X11/Xtrans/Xtrans.c b/shell/linux-deps/include/X11/Xtrans/Xtrans.c --- a/shell/linux-deps/include/X11/Xtrans/Xtrans.c 2016-05-18 07:26:32.331481611 -0300 +++ b/shell/linux-deps/include/X11/Xtrans/Xtrans.c 2016-05-18 08:46:03.538321741 -0300 @@ -212,7 +212,8 @@ /* Copy the string so it can be changed */ tmpptr = mybuf = (char *) xalloc (strlen (address) + 1); - strcpy (mybuf, address); + strncpy (mybuf, address, sizeof(mybuf)); + mybuf[sizeof(mybuf) - 1] = '\0'; /* Parse the string to get each component */ @@ -371,7 +372,8 @@ return 0; } else - strcpy (*protocol, _protocol); + strncpy (*protocol, _protocol, sizeof(*protocol)); + *protocol[sizeof(*protocol) - 1] = '\0'; if ((*host = (char *) xalloc (strlen (_host) + 1)) == NULL) { @@ -384,7 +386,8 @@ return 0; } else - strcpy (*host, _host); + strncpy (*host, _host, sizeof(*host)); + *host[sizeof(*host) - 1] = '\0'; if ((*port = (char *) xalloc (strlen (_port) + 1)) == NULL) { @@ -398,7 +401,8 @@ return 0; } else - strcpy (*port, _port); + strncpy (*port, _port, sizeof(*port)); + *port[sizeof(*port) - 1] = '\0'; xfree (tmpptr); @@ -545,7 +549,8 @@ return NULL; } - strcpy (save_port, port); + strncpy (save_port, port, sizeof(save_port)); + save_port[sizeof(save_port) - 1] = '\0'; /* Get a new XtransConnInfo object */ @@ -671,7 +676,8 @@ return 0; else { - strcpy (*port, ciptr->port); + strncpy (*port, ciptr->port, sizeof(*port)); + *port[sizeof(*port) - 1] = '\0'; return 1; } } diff -Nur a/shell/linux-deps/include/X11/Xtrans/Xtranslcl.c b/shell/linux-deps/include/X11/Xtrans/Xtranslcl.c --- a/shell/linux-deps/include/X11/Xtrans/Xtranslcl.c 2016-05-18 07:26:32.334815008 -0300 +++ b/shell/linux-deps/include/X11/Xtrans/Xtranslcl.c 2016-05-18 08:37:44.809264973 -0300 @@ -165,7 +165,8 @@ xfree((char *) sunaddr); return 0; } - strcpy (sunaddr->sun_path, sun_path); + strncpy (sunaddr->sun_path, sun_path, sizeof(sunaddr->sun_path)); + sunaddr->sun_path[sizeof(sunaddr->sun_path) - 1] = '\0'; #if defined(BSD44SOCKETS) sunaddr->sun_len = strlen (sunaddr->sun_path); #endif @@ -193,7 +194,8 @@ xfree((char *) p_sunaddr); return 0; } - strcpy (p_sunaddr->sun_path, peer_sun_path); + strncpy (p_sunaddr->sun_path, peer_sun_path, sizeof(p_sunaddr->sun_path)); + p_sunaddr->sun_path[sizeof(p_sunaddr->sun_path) - 1] = '\0'; #if defined(BSD44SOCKETS) p_sunaddr->sun_len = strlen (p_sunaddr->sun_path); #endif @@ -633,7 +635,8 @@ } sunaddr->sun_family=AF_UNIX; - strcpy(sunaddr->sun_path,buf); + strncpy(sunaddr->sun_path,buf,sizeof(sunaddr->sun_path)); + sunaddr->sun_path[sizeof(sunaddr->sun_path) - 1] = '\0'; #if defined(BSD44SOCKETS) sunaddr->sun_len=strlen(sunaddr->sun_path); #endif @@ -1682,7 +1685,8 @@ { workingXLOCAL=freeXLOCAL=(char *)xalloc (strlen (protocol) + 1); if (workingXLOCAL) - strcpy (workingXLOCAL, protocol); + strncpy (workingXLOCAL, protocol, sizeof(workingXLOCAL)); + workingXLOCAL[sizeof(workingXLOCAL) - 1] = '\0'; } else { XLOCAL=(char *)getenv("XLOCAL"); @@ -1690,7 +1694,8 @@ XLOCAL=DEF_XLOCAL; workingXLOCAL=freeXLOCAL=(char *)xalloc (strlen (XLOCAL) + 1); if (workingXLOCAL) - strcpy (workingXLOCAL, XLOCAL); + strncpy (workingXLOCAL, XLOCAL, sizeof(workingXLOCAL)); + workingXLOCAL[sizeof(workingXLOCAL) - 1] = '\0'; } } diff -Nur a/shell/linux-deps/include/X11/Xtrans/Xtranstli.c b/shell/linux-deps/include/X11/Xtrans/Xtranstli.c --- a/shell/linux-deps/include/X11/Xtrans/Xtranstli.c 2016-05-18 07:26:32.334815008 -0300 +++ b/shell/linux-deps/include/X11/Xtrans/Xtranstli.c 2016-05-18 08:49:18.868553403 -0300 @@ -277,7 +277,8 @@ #ifdef nuke if( *port == '/' ) { /* A full pathname */ - (void) strcpy(sunaddr->sun_path, port); + (void) strncpy(sunaddr->sun_path, port, sizeof(sunaddr->sun_path)); + (void) sunaddr->sun_path[sizeof(sunaddr->sun_path) - 1] = '\0'; } else { (void) sprintf(sunaddr->sun_path,"%s%s", TLINODENAME, port ); } @@ -840,7 +841,8 @@ sunaddr->sun_family=AF_UNIX; if( port && *port ) { if( *port == '/' ) { /* A full pathname */ - (void) strcpy(sunaddr->sun_path, port); + (void) strncpy(sunaddr->sun_path, port, sizeof(sunaddr->sun_path)); + (void) sunaddr->sun_path[sizeof(sunaddr->sun_path) - 1] = '\0'; } else { (void) sprintf(sunaddr->sun_path,"%s%s", TLINODENAME, port ); } @@ -1144,7 +1146,8 @@ if( *port == '/' || strncmp (port, TLINODENAME, strlen (TLINODENAME)) == 0) { /* Use the port as is */ - (void) strcpy(sunaddr->sun_path, port); + (void) strncpy(sunaddr->sun_path, port, sizeof(sunaddr->sun_path)); + (void) sunaddr->sun_path[sizeof(sunaddr->sun_path) - 1] = '\0'; } else { (void) sprintf(sunaddr->sun_path,"%s%s", TLINODENAME, port ); } diff -Nur a/shell/linux-deps/include/X11/Xtrans/Xtransutil.c b/shell/linux-deps/include/X11/Xtrans/Xtransutil.c --- a/shell/linux-deps/include/X11/Xtrans/Xtransutil.c 2016-05-18 07:26:32.338148404 -0300 +++ b/shell/linux-deps/include/X11/Xtrans/Xtransutil.c 2016-05-18 08:40:26.572188461 -0300 @@ -203,7 +203,8 @@ if (!*addrp) *addrp = (Xtransaddr *) xalloc (len + 1); if (*addrp) { - strcpy ((char *) *addrp, hostnamebuf); + strncpy ((char *) *addrp, hostnamebuf, sizeof((char *) *addrp)); + (char *) *addrp[sizeof((char *) *addrp) - 1] = '\0'; *addrlenp = len; } else { *addrlenp = 0; @@ -420,7 +421,8 @@ hostname = (char *) xalloc ( strlen (ciptr->transptr->TransName) + strlen (addr) + 2); - strcpy (hostname, ciptr->transptr->TransName); + strncpy (hostname, ciptr->transptr->TransName, sizeof(hostname)); + hostname[sizeof(hostname) - 1] = '\0'; strcat (hostname, "/"); if (addr) strcat (hostname, addr);