sysadmin/ipxe
1
0
Fork 0
mirror of https://github.com/ipxe/ipxe synced 2026-01-27 18:46:05 +03:00
Code Issues Packages Projects Releases Wiki Activity

[libc] Prevent strndup() from reading beyond the end of the string

Browse Source 
strndup() may be called on a string which is not NUL-terminated.  Use
strnlen() instead of strlen() to ensure that we do not read beyond the
end of such a string.

Add self-tests for strndup(), including a test case with an
unterminated string.

Originally-fixed-by: Marin Hannache <git@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
This commit is contained in:
Michael Brown
2014-05-18 21:05:39 +01:00
parent 5249368950
commit 2b4be69eee
2 changed files with 21 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/tests/string_test.c
View File

@@ -134,6 +134,26 @@ static void string_test_exec ( void ) {
ok ( strcmp ( dup, orig ) == 0 );
free ( dup );
}
/* Test strndup() */
{
const char *normal = "testing testing";
const char unterminated[6] = { 'h', 'e', 'l', 'l', 'o', '!' };
char *dup;
dup = strndup ( normal, 32 );
ok ( dup != NULL );
ok ( dup != normal );
ok ( strcmp ( dup, normal ) == 0 );
free ( dup );
dup = strndup ( normal, 4 );
ok ( dup != NULL );
ok ( strcmp ( dup, "test" ) == 0 );
free ( dup );
dup = strndup ( unterminated, 5 );
ok ( dup != NULL );
ok ( strcmp ( dup, "hello" ) == 0 );
free ( dup );
}
}
/** String self-test */