From aece36cd22aa50015d1eb737b2b31a0b7087e813 Mon Sep 17 00:00:00 2001
From: Eric Engestrom <eric@engestrom.ch>
Date: Sun, 1 May 2016 13:39:24 +0100
Subject: [PATCH 1/2] common: fix potential buffer overflow

---
 common/ipc-client.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/common/ipc-client.c b/common/ipc-client.c
index 93f2963ce..997a87d17 100644
--- a/common/ipc-client.c
+++ b/common/ipc-client.c
@@ -32,7 +32,8 @@ int ipc_open_socket(const char *socket_path) {
 		sway_abort("Unable to open Unix socket");
 	}
 	addr.sun_family = AF_UNIX;
-	strcpy(addr.sun_path, socket_path);
+	strncpy(addr.sun_path, socket_path, sizeof(addr.sun_path));
+	addr.sun_path[sizeof(addr.sun_path) - 1] = 0;
 	int l = sizeof(addr.sun_family) + strlen(addr.sun_path);
 	if (connect(socketfd, (struct sockaddr *)&addr, l) == -1) {
 		sway_abort("Unable to connect to %s", socket_path);

From e53ba08626e432f9ec14a7002a0d3ffd00b93c5d Mon Sep 17 00:00:00 2001
From: Eric Engestrom <eric@engestrom.ch>
Date: Sun, 1 May 2016 13:39:44 +0100
Subject: [PATCH 2/2] sway: fix potential buffer overflow

---
 sway/commands.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/sway/commands.c b/sway/commands.c
index 79591925a..73e9ffaf0 100644
--- a/sway/commands.c
+++ b/sway/commands.c
@@ -506,7 +506,8 @@ static struct cmd_results *cmd_exec_always(int argc, char **argv) {
 
 	// Put argument into cmd array
 	char cmd[4096];
-	strcpy(cmd, tmp);
+	strncpy(cmd, tmp, sizeof(cmd));
+	cmd[sizeof(cmd) - 1] = 0;
 	free(tmp);
 	sway_log(L_DEBUG, "Executing %s", cmd);