storm/w3m
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Prevent heap-buffer-overflow in Strnew_size()

Browse Source 
Bug-Debian: https://github.com/tats/w3m/issues/72
This commit is contained in:
Tatsuya Kinoshita
2016-12-10 17:41:01 +09:00
parent f763b8ebf5
commit 4381dffaa3
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Str.c
View File

@@ -48,6 +48,8 @@ Str
Strnew_size(int n) Strnew_size(int n)
{ {
Str x = GC_MALLOC(sizeof(struct _Str)); Str x = GC_MALLOC(sizeof(struct _Str));
if (n < 0)
n = 0;
x->ptr = GC_MALLOC_ATOMIC(n + 1); x->ptr = GC_MALLOC_ATOMIC(n + 1);
x->ptr[0] = '\0'; x->ptr[0] = '\0';
x->area_size = n + 1; x->area_size = n + 1;