qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rudynedved <...@git.apache.org>
Subject [GitHub] qpid-proton pull request #:
Date Sat, 11 Nov 2017 14:26:36 GMT
Github user rudynedved commented on the pull request:

    For clarity, null terminated strings have X non-null characters and 1 null character.
Therefore the memory for a null terminated string is strlen()+1. A 4 character value such
as "abcd" will require memory for "abcd\0" which on most mallocs is 8 bytes.
    size = strlen(username+1) makes the username buffer shorter by 1. The subsequent malloc
for a username of "abcd" will be strlen("bcd") or size 3 when what is needed is 4+1 or 5.
    The fix is "size = strlen(username) + 1". Coverity is correct.


To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org

View raw message