In failure cases the destination string pointer is set to NULL, but
the size is not changed. Some callers have not been checking the
return value and passing the destination pointer and uninitialised
length onto other functions. We can curse and blame those callers, but
let's also keep them safe.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
void **dest = (void **)dst;
*dest = NULL;
+ if (converted_size != NULL) {
+ *converted_size = 0;
+ }
if (src == NULL || srclen == (size_t)-1) {
errno = EINVAL;