Thanks for reviewing it. On Mon, Dec 30, 2019 at 01:02:59AM +0100, Adam Borowski wrote: > On Sun, Dec 29, 2019 at 11:27:18PM +0000, Sudip Mukherjee wrote: > > * Package name : scanbd > > Version : 1.5.1-5 > > > Changes since the last upload: > > > > [ Sudip Mukherjee ] > > * QA upload. > > * Fix ftbfs with GCC-9. (Closes: #925822) > > * Update Standards-Version to 4.4.1 > > * Update compat level to 12 > > * Add Pre-Depends to d/control > > . > > [ Ondřej Nový ] > > * d/copyright: Change Format URL to correct one > > * d/watch: Use https protocol > > I'm afraid the patch for strncpy() is invalid. > > While strncpy() is never the right function to use for C strings (it's > always either insecure or at least inefficient), memcpy() from a > dynamic-sized user controllable string to a fixed-size buffer isn't right > either.
I have now uploaded new version and its now back to strncpy but will always have a null terminated string. Can you please take a look when you get some time.. -- Regards Sudip
