diff options
| author | Andreas Schwab <schwab@redhat.com> | 2011-03-04 00:48:00 -0500 |
|---|---|---|
| committer | Ulrich Drepper <drepper@gmail.com> | 2011-03-04 00:48:00 -0500 |
| commit | 9d25c392ba73065ac20f518d1cef1cdc96860545 (patch) | |
| tree | 118582e0a368a8980cd7063b4c8b06aa92f7b9bc | |
| parent | a5543c6ad807f0b8ea793cb6d385f3dbeb0d98c5 (diff) | |
| download | glibc-9d25c392ba73065ac20f518d1cef1cdc96860545.tar.gz glibc-9d25c392ba73065ac20f518d1cef1cdc96860545.tar.xz glibc-9d25c392ba73065ac20f518d1cef1cdc96860545.zip | |
Don't read past end of buffer in fmemopen
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | libio/fmemopen.c | 4 |
2 files changed, 6 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog index 2cfa1e4046..16da2c1fa6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +2011-03-03 Andreas Schwab <schwab@redhat.com> + + * libio/fmemopen.c (fmemopen): Don't read past end of buffer. + 2011-03-03 Roland McGrath <roland@redhat.com> * setjmp/bits/setjmp2.h: Canonicalize comment formatting. diff --git a/libio/fmemopen.c b/libio/fmemopen.c index d3750fc7de..1a631d5122 100644 --- a/libio/fmemopen.c +++ b/libio/fmemopen.c @@ -1,5 +1,5 @@ /* Fmemopen implementation. - Copyright (C) 2000, 2002, 2005, 2006, 2008, 2009 + Copyright (C) 2000, 2002, 2005, 2006, 2008, 2009, 2011 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Hanno Mueller, kontakt@hanno.de, 2000. @@ -243,7 +243,7 @@ fmemopen (void *buf, size_t len, const char *mode) if (mode[0] == 'w') c->buffer[0] = '\0'; - c->maxpos = strlen (c->buffer); + c->maxpos = strnlen (c->buffer, len); if (mode[0] == 'a') c->pos = c->maxpos; |