gallium/hud: avoid buffer overrun

Renaming data sources was added in
e8bb97ce30051b999a4a69c9b27884daeb8d71e6
It was possible to use a new name longer than
the name array in hud_graph of 128. This
patch truncates the name to fit the array.

CC: Marek Olšák <marek.olsak@amd.com>
Signed-off-by: Marek Olšák <marek.olsak@amd.com>

diff --git a/src/gallium/auxiliary/hud/hud_context.c b/src/gallium/auxiliary/hud/hud_context.c
index fd9a7bc2fcbd40c75894612b78521c2e60a3842e..a635797328d9b925a942088797269643f973404e 100644 (file)
--- a/src/gallium/auxiliary/hud/hud_context.c
+++ b/src/gallium/auxiliary/hud/hud_context.c
@@ -1275,8 +1275,10 @@ hud_parse_env_var(struct hud_context *hud, const char *env)
 
          strip_hyphens(s);
          if (!LIST_IS_EMPTY(&pane->graph_list)) {
-            strcpy(LIST_ENTRY(struct hud_graph,
-                              pane->graph_list.prev, head)->name, s);
+            struct hud_graph *graph;
+            graph = LIST_ENTRY(struct hud_graph, pane->graph_list.prev, head);
+            strncpy(graph->name, s, sizeof(graph->name)-1);
+            graph->name[sizeof(graph->name)-1] = 0;
          }
       }