Fixed possible buffer overflows. Moved config_init past checking if config file exists.

diff --git a/src/kernel/kernel.cpp b/src/kernel/kernel.cpp
index 7e83ebc5ebfcdbb376b871811848bca9d2ee3125..1de50aff97eb9ab5abbc24186abc000eebc1faae 100644 (file)
--- a/src/kernel/kernel.cpp
+++ b/src/kernel/kernel.cpp
@@ -297,8 +297,6 @@ void QKernel::LoadConfig(char * fname)
   config_t cfg;
   const char *str;
 
-  config_init(&cfg);
-  
   /* Hack for checking if file exists without using external libs.*/
   FILE * file = fopen(fname, "r");
   if (!file) {
@@ -308,6 +306,8 @@ void QKernel::LoadConfig(char * fname)
   /* File exists, so file has been locked. Release it. */
   fclose(file);
   
+  config_init(&cfg);
+  
   /* Read the file. If there is an error, report it and exit. */
   if(!config_read_file(&cfg, fname)) 
   {
@@ -332,23 +332,21 @@ void QKernel::LoadConfig(char * fname)
   
   
   if(config_lookup_string(&cfg, "host", &str)) {
-    char host[255];
-    strcpy(host, str);//FIXME: buffer overflow
-    ConnectList.append(new ConnectEntry(host));
+    ConnectList.append(new ConnectEntry((char*)str));
   }
   else {
     AppConfiguration::error(&cfg);
   }
   
   if(config_lookup_string(&cfg, "progdir", &str)){
-    strcpy(progdir, str);//FIXME: buffer overflow
+    strncpy(progdir, str, 256);
   }
   else {
     AppConfiguration::error(&cfg);
   }
   
   if(config_lookup_string(&cfg, "homedir", &str)){
-    strcpy(HomeDir, str);//FIXME: buffer overflow
+    strncpy(HomeDir, str, 255);
   }
   else {
     AppConfiguration::error(&cfg);