Fix AddressSanitizer: strcpy-param-overlap in gvconfig_libdir

Fixes https://gitlab.com/graphviz/graphviz/-/issues/1994.

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 164bf50f1fe6eed9666acb9c6c9dc3cc340b26b1..92ecbecca66aeac8a09a1bd7a1e89a658f331a9a 100644 (file)
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -22,6 +22,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   count #1984
 - & escape disappearing #797
 - miscalculation of minimum rank on large graphs
+- AddressSanitizer: strcpy-param-overlap in gvconfig_libdir when
+  running dot -c #1994
 
 ## [2.47.0] - 2021-03-15
 

diff --git a/lib/gvc/gvconfig.c b/lib/gvc/gvconfig.c
index 80d0ce964c76e41cb4b86bed3aab81f7cf1c6da2..06c332670f01d65ce7626219c7a517303fbde83d 100644 (file)
--- a/lib/gvc/gvconfig.c
+++ b/lib/gvc/gvconfig.c
@@ -338,7 +338,7 @@ char * gvconfig_libdir(GVC_t * gvc)
                        /* Check for real /lib dir. Don't accept pre-install /.libs */
                        if (strcmp(strrchr(path,'/'), "/.libs") == 0)
                            continue;
-                       strcpy(line, path);  /* use line buffer for result */
+                       memmove(line, path, strlen(path) + 1);  /* use line buffer for result */
                        strcat(line, "/graphviz");  /* plugins are in "graphviz" subdirectory */
                        libdir = line;
                        break;