From 20e9fc73e2c073c49e88b72fb5e07a0bb62b6d9d Mon Sep 17 00:00:00 2001 From: Yang Tse Date: Wed, 6 Feb 2008 19:01:13 +0000 Subject: [PATCH] Fix problem in strdup replacement when dealing with absolutely huge strings. --- CHANGES | 4 ++++ RELEASE-NOTES | 1 + lib/strdup.c | 8 ++++++-- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/CHANGES b/CHANGES index e4f910471..96fa0af1e 100644 --- a/CHANGES +++ b/CHANGES @@ -6,6 +6,10 @@ Changelog +Yang Tse (6 Feb 2008) +- Fix an issue in strdup replacement function when dealing with absolutely + huge strings. Only systems without a standard strdup would be affected. + Daniel S (3 Feb 2008) - Dmitry Kurochkin cleaned up the pipelining code and removed the need for and use of the "is_in_pipeline" struct field. diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 9c590e55d..09c7c7513 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -15,6 +15,7 @@ This release includes the following changes: This release includes the following bugfixes: o improved pipelining + o improved strdup replacement This release includes the following known bugs: diff --git a/lib/strdup.c b/lib/strdup.c index 97a4890e0..eef9e08ec 100644 --- a/lib/strdup.c +++ b/lib/strdup.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2007, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2008, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -27,13 +27,17 @@ #ifndef HAVE_STRDUP char *curlx_strdup(const char *str) { - int len; + size_t len; char *newstr; if(!str) return (char *)NULL; len = strlen(str); + + if(len >= ((size_t)-1) / sizeof(char)) + return (char *)NULL; + newstr = (char *) malloc((len+1)*sizeof(char)); if(!newstr) return (char *)NULL;