Don't allocate more than is needed in BUF_strndup().

2024-11-27 05:21:51 +08:00 · 2014-05-20 13:52:31 +01:00 · 2014-05-20 13:52:31 +01:00 · d8ac1ea77e
commit d8ac1ea77e
parent dcca7b13e9
1 changed files with 5 additions and 0 deletions
--- a/crypto/buffer/buf_str.c
+++ b/crypto/buffer/buf_str.c
@ -71,9 +71,14 @@ char *BUF_strdup(const char *str)
 char *BUF_strndup(const char *str, size_t siz)
 	{
 	char *ret;
+	size_t len;

 	if (str == NULL) return(NULL);

+	len = strlen(str);
+	if (siz > len)
+	    siz = len;
+
 	ret=OPENSSL_malloc(siz+1);
 	if (ret == NULL) 
 		{