Limit log level string when building message
Use strncat instead of strcat to limit the length of copied log level
name in radlog_request. This makes the code easier to reason about
overall and to make sure no buffer overflow happens.
This fixes the following Coverity error:
Error: STRING_OVERFLOW (CWE-120):
freeradius-server-2.2.6/src/main/log.c:310: fixed_size_dest: You might overrun the 1024 byte fixed-size string "buffer" by copying the return value of "fr_int2str" without checking the length.
projects / freeradius.git / commit