Diffusion FreeBSD src repository 73586fcea630

libkern: Avoid a one-byte OOB access in strndup()
73586fcea630
Actions

Description

libkern: Avoid a one-byte OOB access in strndup()

If the length of the string is maxlen, we would end up copying maxlen+1
bytes, which violates the contract of the function. The result is the
same since that extra byte is overwritten.

Reported by: Kevin Day <kevin@your.org>
Reviewed by: imp, kib
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D54093

Details

Provenance

markj

Authored on Mon, Dec 8, 2:08 PM

Reviewer

imp

Differential Revision

D54093: libkern: Avoid a one-byte OOB access in strndup()

Parents

rG792221630bf4: rtsold: Fix a buffer leak if we fail to read the default router sysctl

Branches

Unknown

Tags

Unknown

Event Timeline

markj committed rG73586fcea630: libkern: Avoid a one-byte OOB access in strndup() (authored by markj).Mon, Dec 8, 2:08 PM

markj added an edge: D54093: libkern: Avoid a one-byte OOB access in strndup().Mon, Dec 8, 2:12 PM

Changes (1)

Path

Size

sys/

libkern/

strndup.c

rG73586fcea630

View Options