Implementation should allow pass only parts of string (shorten string) and must prohibit reading of uninitialized memory.
Signed-off-by: Jan Friesse <[email protected]> --- exec/icmap.c | 6 +++++- 1 files changed, 5 insertions(+), 1 deletions(-) diff --git a/exec/icmap.c b/exec/icmap.c index 2a53415..7e19673 100644 --- a/exec/icmap.c +++ b/exec/icmap.c @@ -345,7 +345,11 @@ static int icmap_check_value_len(const void *value, size_t value_len, icmap_valu } if (type == ICMAP_VALUETYPE_STRING) { - if (value_len > strlen((const char *)value)) { + /* + * value_len can be shorter then real string length, but never + * longer (+ 1 is because of 0 at the end of string) + */ + if (value_len > strlen((const char *)value) + 1) { return (-1); } else { return (0); -- 1.7.1 _______________________________________________ discuss mailing list [email protected] http://lists.corosync.org/mailman/listinfo/discuss
