From df017160ed9a9856c3a8eb08de29d77c14df70f0 Mon Sep 17 00:00:00 2001
From: Romain Vimont <rom@rom1v.com>
Date: Sun, 20 Jun 2021 12:33:05 +0200
Subject: [PATCH] Replace strcpy() by memcpy()

It was safe to call strcpy() since the input length was checked, but
then it is more straightforward to call memcpy() directly.
---
 app/src/scrcpy.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/app/src/scrcpy.c b/app/src/scrcpy.c
index 17902156..4dcb412f 100644
--- a/app/src/scrcpy.c
+++ b/app/src/scrcpy.c
@@ -216,14 +216,15 @@ av_log_callback(void *avcl, int level, const char *fmt, va_list vl) {
     if (priority == 0) {
         return;
     }
-    char *local_fmt = malloc(strlen(fmt) + 10);
+
+    size_t fmt_len = strlen(fmt);
+    char *local_fmt = malloc(fmt_len + 10);
     if (!local_fmt) {
         LOGC("Could not allocate string");
         return;
     }
-    // strcpy is safe here, the destination is large enough
-    strcpy(local_fmt, "[FFmpeg] ");
-    strcpy(local_fmt + 9, fmt);
+    memcpy(local_fmt, "[FFmpeg] ", 9); // do not write the final '\0'
+    memcpy(local_fmt + 9, fmt, fmt_len + 1); // include '\0'
     SDL_LogMessageV(SDL_LOG_CATEGORY_VIDEO, priority, local_fmt, vl);
     free(local_fmt);
 }