Author: sveinung
Date: Wed May 10 10:14:48 2017
New Revision: 35474

URL: http://svn.gna.org/viewcvs/freeciv?rev=35474&view=rev
Log:
JSON protocol: make estring reading more careful.

The copying of extra bytes was found with Valgrind.

See hrm Feature #658458

Modified:
    trunk/common/networking/dataio_json.c

Modified: trunk/common/networking/dataio_json.c
URL: 
http://svn.gna.org/viewcvs/freeciv/trunk/common/networking/dataio_json.c?rev=35474&r1=35473&r2=35474&view=diff
==============================================================================
--- trunk/common/networking/dataio_json.c       (original)
+++ trunk/common/networking/dataio_json.c       Wed May 10 10:14:48 2017
@@ -946,11 +946,16 @@
   FC_FREE(escaped_value);
 
   /* Copy the unescaped value so CURL can free its own copy. */
-  memcpy(dest, unescaped_value, max_dest_size);
+  memcpy(dest, unescaped_value,
+         /* Don't copy the memory following unescaped_value. */
+         MIN(max_dest_size, strlen(unescaped_value) + 1));
 
   /* CURL's memory management wants to free this it self. */
   curl_free(unescaped_value);
 
+  /* Make sure that the string is terminated. */
+  dest[max_dest_size - 1] = '\0';
+
   return TRUE;
 }
 


_______________________________________________
Freeciv-commits mailing list
Freeciv-commits@gna.org
https://mail.gna.org/listinfo/freeciv-commits

Reply via email to