fix strdup() on possibly unterminated string

Otherwise, a buffer read overflow may happen at file.c line 236
verdammelt · Oct 31, 2019 · 10e0216 · 10e0216
1 parent 75b2146
commit 10e0216
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/src/attr.c b/src/attr.c
@@ -256,9 +256,11 @@ attr_read (FILE* in)
     attr->type = (type_and_name >> 16);
     attr->name = ((type_and_name << 16) >> 16);
     attr->len = geti32(in);
-    attr->buf = CHECKED_XCALLOC (unsigned char, attr->len);
+    attr->buf = CHECKED_XCALLOC (unsigned char, attr->len + 1);
 
+    // fuzz - I think this should be null terminated?
     (void)getbuf(in, attr->buf, attr->len);
+    attr->buf[attr->len]='\0';
 
     checksum = geti16(in);
     if (!check_checksum(attr, checksum))