Don't allocate more than is needed in BUF_strndup()

(Imported from upstream's 4ceb430a468e8226175aa3f169c0e746877c17e1,
4f7236edc7d5c384bdb148faf7b23f887cf18f69 and
ed693e43329383c0d68455d83778cdc9748a074d)
Adam Langley 2014-06-20 12:00:00 -07:00
parent b4b9914f74
commit 3e449b1b05
2 changed files with 19 additions and 0 deletions


@ -153,6 +153,18 @@ char *BUF_strdup(const char *buf) {
return BUF_strndup(buf, strlen(buf)); return BUF_strndup(buf, strlen(buf));
} }
size_t BUF_strnlen(const char *str, size_t max_len) {
size_t i;
for (i = 0; i < max_len; i++) {
if (str[i] == 0) {
break;
}
}
return i;
}
char *BUF_strndup(const char *buf, size_t size) { char *BUF_strndup(const char *buf, size_t size) {
char *ret; char *ret;
size_t alloc_size; size_t alloc_size;
@ -161,6 +173,8 @@ char *BUF_strndup(const char *buf, size_t size) {
return NULL; return NULL;
} }
size = BUF_strnlen(buf, size);
alloc_size = size + 1; alloc_size = size + 1;
if (alloc_size < size) { if (alloc_size < size) {
/* overflow */ /* overflow */
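Review bot: The added `size = BUF_strnlen(buf, size);` line in BUF_strndup has no comment explaining why the caller's |size| is clamped, and the reason matters for anyone auditing the allocation below it. I would put `/* Clamp |size| to the length of |buf| so the allocation is no larger than the string needs. */` directly above it. Once the clamp is in place, the `alloc_size < size` test can only trigger when |size| equals SIZE_MAX; it is still worth keeping as a guard, and the comment could say so. The rest of BUF_strndup, including the copy into the new buffer, lies outside the hunk, so whether the copy length also relies on the clamped value should be confirmed there.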


@ -89,6 +89,11 @@ size_t BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
/* BUF_strdup returns an allocated, duplicate of |str|. */ /* BUF_strdup returns an allocated, duplicate of |str|. */
char *BUF_strdup(const char *str); char *BUF_strdup(const char *str);
/* BUF_strnlen returns the number of characters in |str|, excluding the NUL
* byte, but at most |max_len|. This function never reads more than |max_len|
* bytes from |str|. */
size_t BUF_strnlen(const char *str, size_t max_len);
/* BUF_strndup returns an allocated, duplicate of |str|, which is, at most, /* BUF_strndup returns an allocated, duplicate of |str|, which is, at most,
* |size| bytes. The result is always NUL terminated. */ * |size| bytes. The result is always NUL terminated. */
char *BUF_strndup(const char *str, size_t size); char *BUF_strndup(const char *str, size_t size);
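Review bot: The new comment for BUF_strnlen does not state the precondition on |str|, while the definition added in this commit reads `str[i]` without checking the pointer. BUF_strndup appears to return NULL before reaching the call (the condition is outside the visible lines), but BUF_strnlen is declared here for other callers as well. I would either extend the comment with `|str| must not be NULL unless |max_len| is zero.` or add `if (str == NULL) { return 0; }` at the top of the definition, and document whichever behaviour is chosen.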