On Thu, 01 Apr 2010 08:40:37 -0300, David Bremner <david at tethera.net> wrote:
> On Thu, 04 Mar 2010 11:49:48 +0100, Gregor Hoffleit <gregor at hoffleit.de> wrote:
> > In format_part_json, part_content->data is not a null terminated
> > string.
> 
> I'd like to see this bug fixed,

+1.

> and the patch is pretty small, but...
> 
> > Instead, we have to use part_content->len.
> > +   content_data = talloc_size (ctx, part_content->len+1);
> > +   memcpy (content_data, (char *)part_content->data, part_content->len+1);
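
Review bot: the memcpy on the second added line reads part_content->len+1 bytes from part_content->data, which is one byte more than the len bytes the description says the buffer carries, since it is not null terminated. Copy part_content->len bytes and write the terminator explicitly, e.g. content_data[part_content->len] = '\0', so the len+1 allocation is fully initialised without reading past the source. The talloc_size result is also passed to memcpy without a NULL check.
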
> 
> Can anyone explain why we copy (what seems to me to be) one extra byte
> here?  In principle reading outside our allocated memory could cause
> problems; at minimum it makes a false positive for a memory checker like
> valgrind.

Agreed. It looks as though this should copy only part_content->len bytes.

dme.
-- 
David Edmondson, http://dme.org
