Home Explore Help
Sign In
miti
/
graphene
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

[Pal/lib] Add check on string lengths in macro strcmp_static()

Without this check, memcmp() could scan past the end of var string.
Krishnakumar, Sudha 5 years ago
parent
ea72e84a88
commit
6142c13339
1 changed files with 4 additions and 2 deletions
Split View Show Diff Stats
  1. 4 2
      Pal/lib/api.h

+ 4 - 2
Pal/lib/api.h
View File 

@@ -146,8 +146,10 @@ void *calloc(size_t nmemb, size_t size);
 
 #define force_literal_cstr(str)   ("" str "")
 
 
 /* check if the var is exactly the same as the static string */
 
-#define strcmp_static(var, str) \
 
-    (memcmp(var, force_literal_cstr(str), static_strlen(force_literal_cstr(str)) + 1))
 
+#define strcmp_static(var, str)                                               \
 
+    (memcmp(var,                                                              \
 
+            force_literal_cstr(str),                                          \
 
+            MIN(strlen(var) + 1, static_strlen(force_literal_cstr(str))) + 1))
 
 
 /* check if the var starts with the static string */
 
 #define strstartswith_static(var, str) \