sarah
/
tor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

scan-build: memarea_strndup() undefined behavior 

The memarea_strndup() function would have hit undefined behavior by
creating an 'end' pointer off the end of a string if it had ever been
given an 'n' argument bigger than the length of the memory ares that
it's scanning.  Fortunately, we never did that except in the unit
tests.  But it's not a safe behavior to leave lying around.
This commit is contained in:
Nick Mathewson 2014-04-19 13:16:56 -04:00
parent 685d450ab3
commit 3b1f7f75a7
1 changed files with 2 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/common/memarea.c
View File

@ -291,14 +291,11 @@ memarea_strdup(memarea_t *area, const char *s)
char *
memarea_strndup(memarea_t *area, const char *s, size_t n)
{
size_t ln;
size_t ln = 0;
char *result;
const char *cp, *end = s+n;
tor_assert(n < SIZE_T_CEILING);
for (cp = s; cp < end && *cp; ++cp)
for (ln = 0; ln < n && s[ln]; ++ln)
;
/* cp now points to s+n, or to the 0 in the string. */
ln = cp-s;
result = memarea_alloc(area, ln+1);
memcpy(result, s, ln);
result[ln]='\0';