Displaying 2 results from an estimated 2 matches for "65afd44".
2011 Jun 10
0
[PATCH] strndup(): Fix possible null pointer dereference
Directly return NULL if malloc failed.
Signed-off-by: maximilian attems <max at stro.at>
---
usr/klibc/strndup.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/usr/klibc/strndup.c b/usr/klibc/strndup.c
index 8b5974a..65afd44 100644
--- a/usr/klibc/strndup.c
+++ b/usr/klibc/strndup.c
@@ -10,8 +10,10 @@ char *strndup(const char *s, size_t n)
int l = n > strlen(s) ? strlen(s) + 1 : n + 1;
char *d = malloc(l);
- if (d)
- memcpy(d, s, l);
+ if (!d)
+ return NULL;
+
+ memcpy(d, s, l);
d[n] = '\0';
retu...
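Review bot: the unchanged context line `d[n] = '\0';` still writes past the end of the allocation whenever n > strlen(s), because in that case l is strlen(s) + 1 and the buffer is shorter than n + 1 bytes; the NULL check added here does not touch that. Terminate at the last allocated byte instead, for example `d[l - 1] = '\0';`. Two further points on the context line that computes l: it is declared `int` although it holds a size_t expression, so a large n truncates and `n + 1` wraps for n == SIZE_MAX; and `strlen(s)` is evaluated without regard to n, so a source that is not NUL-terminated within n bytes is read beyond the stated maximum. Computing the length once with a bounded scan (strnlen-style) into a size_t would address both.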
2011 Jun 24
4
[PATCH 0/2] Correct various strndup() problems
The current implementation of strndup() has some shortcomings that can
lead to a fatal error.
- If we pass a maximum string length larger than the copied length, we
will corrupt some data beyond the end of the newly allocated buffer.
- The maximum length does not prevent access to memory beyond the
maximum length, which can lead to unexpected errors with strings not
terminated by 0.