diff options
author | n_hibma <n_hibma@FreeBSD.org> | 2000-07-16 17:28:01 +0000 |
---|---|---|
committer | n_hibma <n_hibma@FreeBSD.org> | 2000-07-16 17:28:01 +0000 |
commit | 6429949771ff193d33ec91265140604b08f287c3 (patch) | |
tree | 6cc2938b9bd69fd251aee521cc0bfee2590f904b /usr.sbin | |
parent | d9cd8828ab8fd926c306724a5e7772c89f9dbfa7 (diff) | |
download | FreeBSD-src-6429949771ff193d33ec91265140604b08f287c3.zip FreeBSD-src-6429949771ff193d33ec91265140604b08f287c3.tar.gz |
And another buffer overflow. Maybe next time I should read the manpage for
strlen.
This one only occurs if there is exactly one element on the line without any
whitespace. This is however never a valid line, so not a big chance that
this would ever cause any problems.
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/usbd/usbd.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/usr.sbin/usbd/usbd.c b/usr.sbin/usbd/usbd.c index d63ceef..ecf1001 100644 --- a/usr.sbin/usbd/usbd.c +++ b/usr.sbin/usbd/usbd.c @@ -241,7 +241,7 @@ get_string(char *src, char **rdst, char **rsrc) int j; /* index into dst */ int quoted = 0; /* 1 for single, 2 for double quoted */ - dst = malloc(strlen(src)); /* XXX allocation is too big, realloc?*/ + dst = malloc(strlen(src)+1); /* XXX allocation is too big, realloc?*/ if (dst == NULL) { /* should not happen, really */ fprintf(stderr, "%s:%d: Out of memory\n", configfile, lineno); exit(2); |