blame: prefer xsnprintf to strcpy for colors

Our color buffers are all COLOR_MAXLEN, which fits the largest possible color. So we can never overflow the buffer by copying an existing color. However, using strcpy() makes it harder to audit the code-base for calls that _are_ problems. We should use something like xsnprintf(), which shows the reader that we expect this never to fail (and provides a run-time assertion if it does, just in case). Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
author: Jeff King <peff@peff.net> 2018-07-13 16:43:50 -0400
committer: Junio C Hamano <gitster@pobox.com> 2018-07-16 13:59:39 -0700
commit: 022d2ac1f3f89f5af1e712f72bfc69c716d64926 (patch)
tree: eebe147e971a2617ccc5c5f420a6a79d936ac4b6 /builtin/blame.c
parent: blame: release string_list after use in parse_color_fields() (diff)
download: tgif-022d2ac1f3f89f5af1e712f72bfc69c716d64926.tar.xz
1 files changed, 3 insertions, 1 deletions
diff --git a/builtin/blame.c b/builtin/blame.c
index dc7870a561..758cd39dd1 100644
--- a/builtin/blame.c
+++ b/builtin/blame.c
@@ -1060,7 +1060,9 @@ parse_done:
 		find_alignment(&sb, &output_option);
 		if (!*repeated_meta_color &&
 		    (output_option & OUTPUT_COLOR_LINE))
-			strcpy(repeated_meta_color, GIT_COLOR_CYAN);
+			xsnprintf(repeated_meta_color,
+				  sizeof(repeated_meta_color),
+				  "%s", GIT_COLOR_CYAN);
 	}
 	if (output_option & OUTPUT_ANNOTATE_COMPAT)
 		output_option &= ~(OUTPUT_COLOR_LINE | OUTPUT_SHOW_AGE_WITH_COLOR);
author	Jeff King <peff@peff.net>	2018-07-13 16:43:50 -0400
committer	Junio C Hamano <gitster@pobox.com>	2018-07-16 13:59:39 -0700
commit	022d2ac1f3f89f5af1e712f72bfc69c716d64926 (patch)
tree	eebe147e971a2617ccc5c5f420a6a79d936ac4b6 /builtin/blame.c
parent	blame: release string_list after use in parse_color_fields() (diff)
download	tgif-022d2ac1f3f89f5af1e712f72bfc69c716d64926.tar.xz