author | Leah Neukirchen <leah@vuxu.org> | 2019-02-27 22:40:13 +0100 |
---|---|---|
committer | Leah Neukirchen <leah@vuxu.org> | 2019-02-27 22:40:13 +0100 |
commit | 3f2c714b4268e78bccb4fb3aaa2a77b3f0568744 (patch) | |
tree | 785f20aa8ab5266de27a3b504f5d82ce92859abb | |
parent | f8fa6a1e0e0dbd115544cd8e8716e7221ac1f3cb (diff) | |
blaze822: safe_append: fixes for various border cases
This fixes dstmax == dstlen and when src is completely full. Found by duncaen with afl.
-rw-r--r-- | blaze822.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/blaze822.c b/blaze822.c
index 47710a3..2dfd79b 100644
--- a/blaze822.c
+++ b/blaze822.c
@@ -155,9 +155,12 @@ static size_t
 safe_append(char *dst, size_t dstmax, char *srcbeg, char *srcend)
 {
 size_t srclen = srcend - srcbeg;
- size_t dstlen = strlen(dst);
+ size_t dstlen = strnlen(dst, dstmax);
 
- if (dstmax - dstlen - 1 < srclen)
+ if (dstlen == dstmax)
+ return 0;
+
+ if (dstmax - dstlen < srclen + 1)
 srclen = dstmax - dstlen - 1;
 memcpy(dst + dstlen, srcbeg, srclen);
 dst[dstlen + srclen] = 0; |
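Review bot: The rewritten bound check `if (dstmax - dstlen < srclen + 1)` can wrap when `srclen` is `SIZE_MAX`, which is what `srcend - srcbeg` converts to if a caller ever passes `srcend` one byte before `srcbeg`. In that case the clamp is skipped and `memcpy` is called with the unclamped length. Because the new `dstlen == dstmax` guard already guarantees `dstmax - dstlen >= 1`, the comparison can be written without the addition as `if (srclen > dstmax - dstlen - 1)`. Any other inverted range still clamps to the free space and copies that many bytes from `srcbeg`, so an explicit `if (srcend < srcbeg) return 0;` ahead of the subtraction would also rule out the over-read. Whether callers can produce such a range is not visible here, and the function body continues past the end of the hunk.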