summaryrefslogtreecommitdiff
path: root/xs.h
diff options
context:
space:
mode:
authorGravatar grunfink2023-04-10 13:11:34 +0000
committerGravatar grunfink2023-04-10 13:11:34 +0000
commit5ae107188f1587d09bb52b3b6c5d661bcfb1724d (patch)
treefa4bc80525da91bfe9da28704e21a4c9efe1c77d /xs.h
parentUpdated RELEASE_NOTES. (diff)
parentFix heap overflow from curl-originating buffers (diff)
downloadsnac2-5ae107188f1587d09bb52b3b6c5d661bcfb1724d.tar.gz
snac2-5ae107188f1587d09bb52b3b6c5d661bcfb1724d.tar.xz
snac2-5ae107188f1587d09bb52b3b6c5d661bcfb1724d.zip
Merge pull request 'Fix some overflow bugs' (#29) from saagarjha/snac2:master into master
Reviewed-on: https://codeberg.org/grunfink/snac2/pulls/29
Diffstat (limited to 'xs.h')
-rw-r--r--xs.h6
1 files changed, 3 insertions, 3 deletions
diff --git a/xs.h b/xs.h
index 2fc7dda..fef91b7 100644
--- a/xs.h
+++ b/xs.h
@@ -1057,12 +1057,12 @@ xs_data *xs_data_new(const void *data, int size)
1057 xs_data *v; 1057 xs_data *v;
1058 1058
1059 /* add the overhead (data type + 24bit size) */ 1059 /* add the overhead (data type + 24bit size) */
1060 size += 4; 1060 int total_size = size + 4;
1061 1061
1062 v = xs_realloc(NULL, _xs_blk_size(size)); 1062 v = xs_realloc(NULL, _xs_blk_size(total_size));
1063 v[0] = XSTYPE_DATA; 1063 v[0] = XSTYPE_DATA;
1064 1064
1065 _xs_put_24b(v + 1, size); 1065 _xs_put_24b(v + 1, total_size);
1066 1066
1067 memcpy(&v[4], data, size); 1067 memcpy(&v[4], data, size);
1068 1068
HIC SVNT DRACONES