[lxc-devel] [PATCH] Fix strlen on non-null terminated buffer strlen() becomes strnlen()
Christian Brauner
christianvanbrauner at gmail.com
Mon Sep 7 18:38:51 UTC 2015
Signed-off-by: Christian Brauner <christianvanbrauner at gmail.com>
---
src/lxc/lxccontainer.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index 932d658..ae9f895 100644
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -2074,7 +2074,7 @@ static bool mod_rdep(struct lxc_container *c0, struct lxc_container *c, bool inc
* a multiple of a pagesize. Hence, we'll use memmem(). */
if ((del = memmem(buf, fbuf.st_size, newpath, len))) {
/* remove container entry */
- memmove(del, del + len, strlen(del) - len + 1);
+ memmove(del, del + len, strnlen(del, fbuf.st_size) - len + 1);
munmap(buf, fbuf.st_size);
--
2.5.1
More information about the lxc-devel
mailing list