Diffusion FreeBSD src repository 6162c06963ab

libkern: Avoid a one-byte OOB access in strndup()
6162c06963ab
Actions

Description

libkern: Avoid a one-byte OOB access in strndup()

If the length of the string is maxlen, we would end up copying maxlen+1
bytes, which violates the contract of the function. The result is the
same since that extra byte is overwritten.

Reported by: Kevin Day <kevin@your.org>
Reviewed by: imp, kib
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D54093

(cherry picked from commit 73586fcea630c2c4fb83e966920c039aee8a5fc9)

Details

Provenance

markj

Authored on Dec 8 2025, 2:08 PM

Reviewer

imp

Differential Revision

D54093: libkern: Avoid a one-byte OOB access in strndup()

Parents

rGd988a0c1fc4c: zfs: Merge commit 86b064469dc9c2 from OpenZFS

Branches

Unknown

Tags

Unknown

Event Timeline

markj committed rG6162c06963ab: libkern: Avoid a one-byte OOB access in strndup() (authored by markj).Dec 15 2025, 2:09 PM

markj added an edge: D54093: libkern: Avoid a one-byte OOB access in strndup().Dec 15 2025, 2:17 PM

Changes (1)

Path

Size

sys/

libkern/

strndup.c

rG6162c06963ab

View Options