gbranden pushed a commit to branch master
in repository groff.
commit 723cdea5f7b386cc8b4f4c1f648d968cfbdf62a4
Author: G. Branden Robinson <[email protected]>
AuthorDate: Fri Jun 26 19:30:38 2026 -0500
[libgroff]: Fix off-by-one errors in string class.
* src/libs/libgroff/string.cpp (salloc, sfree_and_alloc)
(string::operator+=(const char *))
(string::operator+=(const string &)): Fix off-by-one errors,
maintaining the new invariant that a groff `string` is always
null-terminated.
---
ChangeLog | 8 ++++++++
src/libs/libgroff/string.cpp | 8 ++++----
2 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 84d3a539a..370081839 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2026-06-26 G. Branden Robinson <[email protected]>
+
+ * src/libs/libgroff/string.cpp (salloc, sfree_and_alloc)
+ (string::operator+=(const char *))
+ (string::operator+=(const string &)): Fix off-by-one errors,
+ maintaining the new invariant that a groff `string` is always
+ null-terminated.
+
2026-07-02 G. Branden Robinson <[email protected]>
* src/roff/troff/env.cpp (environment::add_node): Fix code style
diff --git a/src/libs/libgroff/string.cpp b/src/libs/libgroff/string.cpp
index d27465bd1..db4e39cdb 100644
--- a/src/libs/libgroff/string.cpp
+++ b/src/libs/libgroff/string.cpp
@@ -72,7 +72,7 @@ static char *salloc(size_t len, size_t *sizep)
static char *sfree_and_alloc(char *ptr, size_t oldsz, size_t len,
size_t *sizep)
{
- if (oldsz >= len) {
+ if (oldsz >= (len + 1 /* `\0` */)) {
*sizep = oldsz;
if (oldsz > len)
memset((ptr + len), 0, (oldsz - len));
@@ -98,7 +98,7 @@ static char *sfree_and_alloc(char *ptr, size_t oldsz, size_t
len,
static char *srealloc(char *ptr, size_t oldsz, size_t oldlen,
size_t newlen, size_t *sizep)
{
- if (oldsz >= newlen) {
+ if (oldsz >= (newlen + 1 /* `\0` */)) {
*sizep = oldsz;
if (oldsz > newlen)
memset((ptr + newlen), 0, (oldsz - newlen));
@@ -231,7 +231,7 @@ string &string::operator+=(const char *p)
if (p != 0 /* nullptr */) {
size_t n = strlen(p);
size_t newlen = len + n;
- if (newlen > sz) {
+ if (sz < (newlen + 1 /* `\0` */)) {
ptr = srealloc(ptr, sz, len, newlen, &sz);
assert(ptr != 0 /* nullptr */);
}
@@ -245,7 +245,7 @@ string &string::operator+=(const string &s)
{
if (s.len != 0) {
size_t newlen = len + s.len;
- if (newlen > sz) {
+ if (sz < (newlen + 1 /* `\0` */)) {
ptr = srealloc(ptr, sz, len, newlen, &sz);
assert(ptr != 0 /* nullptr */);
}
_______________________________________________
groff-commit mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/groff-commit