strlcat() isn't supposed to access *dst past dst_sz

author Asanka Herath <asanka@secure-endpoints.com>

Tue, 24 Aug 2010 04:04:17 +0000 (00:04 -0400)

committer Asanka C. Herath <asanka@secure-endpoints.com>

Tue, 14 Sep 2010 12:03:32 +0000 (08:03 -0400)
author Asanka Herath <asanka@secure-endpoints.com>
Tue, 24 Aug 2010 04:04:17 +0000 (00:04 -0400)
committer Asanka C. Herath <asanka@secure-endpoints.com>
Tue, 14 Sep 2010 12:03:32 +0000 (08:03 -0400)
diff --git a/lib/roken/strlcat.c b/lib/roken/strlcat.c

index 0b676ef98c1179d330eb698e7f531fe7093088a2..e8fe1b781c6728d2630d1f257a520e79312635b4 100644 (file)
--- a/lib/roken/strlcat.c
+++ b/lib/roken/strlcat.c
@@ -39,9 +39,16 @@
  ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL
  strlcat (char *dst, const char *src, size_t dst_sz)
  {
-    size_t len = strlen(dst);
+    size_t len;
+#if defined(_MSC_VER) && _MSC_VER >= 1400
+    len = strnlen_s(dst, dst_sz);
+#elif defined(HAVE_STRNLEN)
+    len = strnlen(dst, dst_sz);
+#else
+    len = strlen(dst);
+#endif
  
-    if (dst_sz < len)
+    if (dst_sz <= len)
         /* the total size of dst is less than the string it contains;
             this could be considered bad input, but we might as well
             handle it */
author	Asanka Herath <asanka@secure-endpoints.com>
	Tue, 24 Aug 2010 04:04:17 +0000 (00:04 -0400)
committer	Asanka C. Herath <asanka@secure-endpoints.com>
	Tue, 14 Sep 2010 12:03:32 +0000 (08:03 -0400)