fdo-mirrors/cairo
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/cairo/cairo.git synced 2025-12-26 06:30:11 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix bug in strndup implementation

Browse source 
The strlen() could go past the n bytes and into a memory address we
don't have read access to.
This commit is contained in:
Adrian Johnson 2023-01-03 15:08:48 +10:30
parent 5e0e40e3c5
commit 82aa3fb80e
1 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
util/cairo-missing/strndup.c
View file

@ -37,15 +37,19 @@ char *
strndup (const char *s,
size_t n)
{
const char *end;
size_t len;
char *sdup;
if (s == NULL)
return NULL;
len = strlen (s);
if (len > n)
end = memchr (s, 0, n);
if (end)
len = end - s;
else
len = n;
sdup = (char *) _cairo_malloc (len + 1);
if (sdup != NULL) {
memcpy (sdup, s, len);