Github user rudynedved commented on the pull request:
https://github.com/apache/qpid-proton/commit/de3fd617210b5d5a2f2c3e384c33905dbf75ad58#commitcomment-25551886
For clarity, null terminated strings have X non-null characters and 1 null
character. Therefore the memory for a null terminated string is strlen()+1. A 4
character value such as "abcd" will require memory for "abcd\0" which on most
mallocs is 8 bytes.
size = strlen(username+1) makes the username buffer shorter by 1. The
subsequent malloc for a username of "abcd" will be strlen("bcd") or size 3 when
what is needed is 4+1 or 5.
The fix is "size = strlen(username) + 1". Coverity is correct.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
