diff --git a/channels/rdpdr/client/rdpdr_main.c b/channels/rdpdr/client/rdpdr_main.c index 9788736da..6203e33a0 100644 --- a/channels/rdpdr/client/rdpdr_main.c +++ b/channels/rdpdr/client/rdpdr_main.c @@ -1176,7 +1176,8 @@ static UINT rdpdr_process_connect(rdpdrPlugin* rdpdr) if (!drive->Path) continue; - BOOL hotplugAll = strncmp(drive->Path, "*", 2) == 0; + const char wildcard[] = "*"; + BOOL hotplugAll = strncmp(drive->Path, wildcard, sizeof(wildcard)) == 0; BOOL hotplugLater = strncmp(drive->Path, DynamicDrives, sizeof(DynamicDrives)) == 0; if (hotplugAll || hotplugLater) diff --git a/client/common/test/TestClientRdpFile.c b/client/common/test/TestClientRdpFile.c index e631bc8d4..e51123e72 100644 --- a/client/common/test/TestClientRdpFile.c +++ b/client/common/test/TestClientRdpFile.c @@ -539,13 +539,15 @@ int TestClientRdpFile(int argc, char* argv[]) if (iValue != 456) return -1; + const char microsoft[] = "microsoft"; sValue = freerdp_client_rdp_file_get_string_option(file, "vendor string"); - if (strncmp(sValue, "microsoft", 10) != 0) + if (strncmp(sValue, microsoft, sizeof(microsoft)) != 0) goto fail; + const char apple[] = "apple"; freerdp_client_rdp_file_set_string_option(file, "vendor string", "apple"); sValue = freerdp_client_rdp_file_get_string_option(file, "vendor string"); - if (strncmp(sValue, "apple", 6) != 0) + if (strncmp(sValue, apple, sizeof(apple)) != 0) goto fail; freerdp_client_rdp_file_set_string_option(file, "fruits", "banana,oranges"); diff --git a/libfreerdp/cache/persistent.c b/libfreerdp/cache/persistent.c index 36133fc98..2a85b5d7c 100644 --- a/libfreerdp/cache/persistent.c +++ b/libfreerdp/cache/persistent.c @@ -42,6 +42,8 @@ struct rdp_persistent_cache UINT32 bmpSize; }; +static const char sig_str[] = "RDP8bmp"; + int persistent_cache_get_version(rdpPersistentCache* persistent) { WINPR_ASSERT(persistent); @@ -258,7 +260,7 @@ static int persistent_cache_open_read(rdpPersistentCache* persistent) if (fread(sig, 8, 1, persistent->fp) != 1) return -1; - if (!strncmp((const char*)sig, "RDP8bmp", 8)) + if (memcmp(sig, sig_str, sizeof(sig_str)) == 0) persistent->version = 3; else persistent->version = 2; @@ -298,7 +300,7 @@ static int persistent_cache_open_write(rdpPersistentCache* persistent) if (persistent->version == 3) { PERSISTENT_CACHE_HEADER_V3 header = { 0 }; - strncpy((char*)header.sig, "RDP8bmp", 8); + memcpy(header.sig, sig_str, MIN(sizeof(header.sig), sizeof(sig_str))); header.flags = 0x00000006; if (fwrite(&header, sizeof(header), 1, persistent->fp) != 1) diff --git a/winpr/libwinpr/sspi/Negotiate/negotiate.c b/winpr/libwinpr/sspi/Negotiate/negotiate.c index 0d60f5d73..4ce7cf50e 100644 --- a/winpr/libwinpr/sspi/Negotiate/negotiate.c +++ b/winpr/libwinpr/sspi/Negotiate/negotiate.c @@ -922,11 +922,12 @@ static const Mech* guessMech(PSecBuffer input_buffer, BOOL* spNego, WinPrAsn1_OI WinPrAsn1Decoder decoder; WinPrAsn1Decoder appDecoder; WinPrAsn1_tagId tag = 0; + const char ssp[] = "NTLMSSP"; *spNego = FALSE; /* Check for NTLM token */ - if (input_buffer->cbBuffer >= 8 && strncmp(input_buffer->pvBuffer, "NTLMSSP", 8) == 0) + if (input_buffer->cbBuffer >= 8 && strncmp(input_buffer->pvBuffer, ssp, sizeof(ssp)) == 0) { *oid = ntlm_OID; return negotiate_GetMechByOID(&ntlm_OID);