From c132d689b9ad8df37b1e9c7ff8014a6457797f00 Mon Sep 17 00:00:00 2001
From: ShubhamDesai <42180509+ShubhamDesai@users.noreply.github.com>
Date: Thu, 8 Aug 2024 04:19:14 -0400
Subject: [PATCH] lib/vector: fix potential buffer overflow (#4149)

---
 lib/vector/diglib/frmt.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/lib/vector/diglib/frmt.c b/lib/vector/diglib/frmt.c
index 8e3612a8dfd..66d107c6a5e 100644
--- a/lib/vector/diglib/frmt.c
+++ b/lib/vector/diglib/frmt.c
@@ -19,6 +19,7 @@
 
 #include <grass/vector.h>
 #include <grass/glocale.h>
+#include <grass/gis.h>
 
 /*!
    \brief Read external vector format file
@@ -34,6 +35,7 @@ int dig_read_frmt_ascii(FILE *dascii, struct Format_info *finfo)
     char buff[2001], buf1[2001];
     char *ptr;
     int frmt = -1;
+    size_t len;
 
     G_debug(3, "dig_read_frmt_ascii()");
 
@@ -46,7 +48,11 @@ int dig_read_frmt_ascii(FILE *dascii, struct Format_info *finfo)
             return -1;
         }
 
-        strcpy(buf1, buff);
+        len = G_strlcpy(buf1, buff, sizeof(buf1));
+        if (len >= sizeof(buf1)) {
+            G_warning(_("Line <%s> is too long"), buff);
+            return -1;
+        }
         buf1[ptr - buff] = '\0';
 
         ptr++; /* Search for the start of text */
@@ -98,7 +104,11 @@ int dig_read_frmt_ascii(FILE *dascii, struct Format_info *finfo)
             continue;
         }
 
-        strcpy(buf1, buff);
+        len = G_strlcpy(buf1, buff, sizeof(buf1));
+        if (len >= sizeof(buf1)) {
+            G_warning(_("Line <%s> is too long"), buff);
+            return -1;
+        }
         buf1[ptr - buff] = '\0';
 
         ptr++; /* Search for the start of text */