From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 20119 invoked by alias); 28 Feb 2011 10:36:33 -0000 Mailing-List: contact zsh-workers-help@zsh.org; run by ezmlm Precedence: bulk X-No-Archive: yes List-Id: Zsh Workers List List-Post: List-Help: X-Seq: 28812 Received: (qmail 29511 invoked from network); 28 Feb 2011 10:36:30 -0000 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on f.primenet.com.au X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_NONE, SPF_HELO_PASS autolearn=ham version=3.3.1 Received-SPF: none (ns1.primenet.com.au: domain at bewatermyfriend.org does not designate permitted sender hosts) From: Frank Terbeck To: zsh-workers@zsh.org Subject: PATCH: Fix multibyte memory allocation in `wcs_ztrdup()' Date: Mon, 28 Feb 2011 11:35:00 +0100 Message-Id: <1298889300-29679-1-git-send-email-ft@bewatermyfriend.org> X-Mailer: git-send-email 1.7.4.rc1.7.g2cf08 X-Df-Sender: 430444 This was spotted by Thorsten Glaser from the mirbsd project. `zalloc()' uses malloc(3) to allocate memory. wcslen(3) returns the number of multibyte *characters* in a given string (N). The destination string will have to be able to store N+1 wchar_ts, not N+1 bytes. Regards, Frank --- Src/string.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/Src/string.c b/Src/string.c index 2bd1bae..4d74aa0 100644 --- a/Src/string.c +++ b/Src/string.c @@ -64,7 +64,7 @@ wcs_ztrdup(const wchar_t *s) if (!s) return NULL; - t = (wchar_t *)zalloc(wcslen((wchar_t *)s) + 1); + t = (wchar_t *)zalloc(sizeof(wchar_t) * wcslen((wchar_t *)s) + 1); wcscpy(t, s); return t; } -- 1.7.4.rc1.7.g2cf08