[klibc] [PATCH 0/2] Correct various strndup() problems
H. Peter Anvin
hpa at zytor.com
Fri Jun 24 14:46:58 PDT 2011
On 06/24/2011 02:01 AM, Romain Izard wrote:
> The current implementation of strndup() has some shortcomings that can
> lead to a fatal error.
>
> - If we pass a maximum string length larger than the copied length, we
> will corrupt some data beyond the end of the newly allocated buffer.
>
> - The maximum length does not prevent access to memory beyond the
> maximum length, which can lead to unexpected errors with strings not
> terminated by 0.
>
> Romain Izard (2):
> strndup(): Fix out of bounds read access
> strndup(): Do not corrupt the memory pool
>
> usr/klibc/strndup.c | 7 +++----
> 1 files changed, 3 insertions(+), 4 deletions(-)
>
Looks great, thanks!
-hpa
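
The two failure modes listed in the cover letter, shown as an added example that is not klibc's code and not the patch from this thread: a bounded duplicate that reads at most n bytes of the source and writes its terminator at the copied length. The names bounded_strndup, demo_unterminated and demo_large_limit are hypothetical, and the inputs are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* bounded_strndup is a hypothetical name for this added sketch. */
char *bounded_strndup(const char *s, size_t n)
{
    size_t len = 0;
    char *d;

    /* Check len < n before touching s[len], so a source that is not
     * NUL-terminated is never read past its first n bytes. */
    while (len < n && s[len] != '\0')
        len++;

    d = malloc(len + 1);
    if (!d)
        return NULL;
    memcpy(d, s, len);
    d[len] = '\0'; /* index is the copied length, never n */
    return d;
}

/* Constructed input: 4 bytes with no terminator, n equal to the size. */
int demo_unterminated(void)
{
    const char raw[4] = { 'a', 'b', 'c', 'd' };
    char *p = bounded_strndup(raw, sizeof raw);
    int ok = p && strcmp(p, "abcd") == 0;
    free(p);
    return ok;
}

/* Constructed input: n far larger than the string being copied. */
int demo_large_limit(void)
{
    char *p = bounded_strndup("hi", 4096);
    int ok = p && strlen(p) == 2 && p[2] == '\0';
    free(p);
    return ok;
}

int main(void)
{
    printf("unterminated: %d, large limit: %d\n",
           demo_unterminated(), demo_large_limit());
    return 0;
}
```

Building this with AddressSanitizer (-fsanitize=address) turns either failure mode into an immediate report if the length check or the terminator index is changed.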