From f9da8615e4be9b776aadaafa61803365f03005c3 Mon Sep 17 00:00:00 2001
From: iceman1001 <iceman@iuse.se>
Date: Sat, 4 Mar 2023 20:32:34 +0100
Subject: [PATCH] fix CID #405224

---
 client/src/cmdhfmf.c  | 5 +++--
 client/src/cmdhfmfu.c | 2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/client/src/cmdhfmf.c b/client/src/cmdhfmf.c
index 1a497c132..d5a629e90 100644
--- a/client/src/cmdhfmf.c
+++ b/client/src/cmdhfmf.c
@@ -2973,7 +2973,8 @@ all_found:
         free(fptr);
         return PM3_ESOFT;
     }
-    strcpy(filename, fptr);
+
+    strncpy(filename, fptr, sizeof(filename) - 1);
     free(fptr);
 
     saveFile(filename, ".bin", dump, bytes);
@@ -5411,7 +5412,7 @@ static int CmdHF14AMfice(const char *Cmd) {
         fptr = GenerateFilename("hf-mf-", "-nonces.bin");
         if (fptr == NULL)
             return PM3_EFILE;
-        strcpy(filename, fptr);
+        strncpy(filename, fptr, sizeof(filename) - 1);
         free(fptr);
     }
 
diff --git a/client/src/cmdhfmfu.c b/client/src/cmdhfmfu.c
index d5ac6537b..963786ebc 100644
--- a/client/src/cmdhfmfu.c
+++ b/client/src/cmdhfmfu.c
@@ -2870,7 +2870,7 @@ static int CmdHF14AMfURestore(const char *Cmd) {
     if (fnlen == 0) {
         char *fptr = GenerateFilename("hf-mfu-", "-dump.bin");
         if (fptr != NULL) {
-            strcpy(filename, fptr);
+            strncpy(filename, fptr, sizeof(filename) - 1);
         } else {
             snprintf(filename, sizeof(filename), "dumpdata.bin");
         }