aboutsummaryrefslogtreecommitdiff
path: root/blaze822.c
diff options
context:
space:
mode:
authorLeah Neukirchen <leah@vuxu.org>2019-02-27 22:40:13 +0100
committerLeah Neukirchen <leah@vuxu.org>2019-02-27 22:40:13 +0100
commit3f2c714b4268e78bccb4fb3aaa2a77b3f0568744 (patch)
tree785f20aa8ab5266de27a3b504f5d82ce92859abb /blaze822.c
parentf8fa6a1e0e0dbd115544cd8e8716e7221ac1f3cb (diff)
downloadmblaze-3f2c714b4268e78bccb4fb3aaa2a77b3f0568744.tar.gz
blaze822: safe_append: fixes for various border cases
This fixes dstmax == dstlen and when src is completely full. Found by duncaen with afl.
Diffstat (limited to 'blaze822.c')
-rw-r--r--blaze822.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/blaze822.c b/blaze822.c
index 47710a3..2dfd79b 100644
--- a/blaze822.c
+++ b/blaze822.c
@@ -155,9 +155,12 @@ static size_t
safe_append(char *dst, size_t dstmax, char *srcbeg, char *srcend)
{
size_t srclen = srcend - srcbeg;
- size_t dstlen = strlen(dst);
+ size_t dstlen = strnlen(dst, dstmax);
- if (dstmax - dstlen - 1 < srclen)
+ if (dstlen == dstmax)
+ return 0;
+
+ if (dstmax - dstlen < srclen + 1)
srclen = dstmax - dstlen - 1;
memcpy(dst + dstlen, srcbeg, srclen);
dst[dstlen + srclen] = 0;