c: check string truncation when using snprintf

1 files changed, 10 insertions, 5 deletions

diff --git a/src/libnpass/libnpass.c b/src/libnpass/libnpass.c
index 538fe03..34b95ec 100644
--- a/src/libnpass/libnpass.c
+++ b/src/libnpass/libnpass.c
@@ -38,6 +38,7 @@ static int is_storeobj(struct dirent *dir);
 
 static int set_pass_dir(void)
 {
+	int r;
 	const char *env;
 
 	env = getenv("PASSWORD_STORE_DIR");
@@ -48,15 +49,19 @@ static int set_pass_dir(void)
 
 	env = getenv("XDG_DATA_HOME");
 	if (env) {
-		snprintf(pass_dir, sizeof(pass_dir), "%s/%s", env,
-			 DEF_PASS_DIR);
+		r = snprintf(pass_dir, sizeof(pass_dir), "%s/%s", env,
+			     DEF_PASS_DIR);
+		if ((size_t)r > sizeof(pass_dir))
+			err_ret(PASS_STORE_INV, "path exceeded PATH_MAX");
 		return 0;
 	}
 
 	env = getenv("HOME");
 	if (env) {
-		snprintf(pass_dir, sizeof(pass_dir), "%s/%s/%s", env,
-			 ".local/share", DEF_PASS_DIR);
+		r = snprintf(pass_dir, sizeof(pass_dir), "%s/%s/%s", env,
+			     ".local/share", DEF_PASS_DIR);
+		if ((size_t)r > sizeof(pass_dir))
+			err_ret(PASS_STORE_INV, "path exceeded PATH_MAX");
 		return 0;
 	}
 
@@ -179,7 +184,7 @@ int readstore(DIR *dirp, struct store *s)
 		return EOF;
 	}
 
-	strncpy(s->name, dir->d_name, sizeof(s->name) - 1);
+	strcpy(s->name, dir->d_name);
 	switch (dir->d_type) {
 	case DT_DIR:
 		s->type = PASS_STORE_DIR;