fix missing zero-termination in strreplace

2022-10-04

author
Mike Becker <universe@uap-core.de>
date
Tue, 04 Oct 2022 18:55:20 +0200 (2022-10-04)
changeset 590
02a56701a5cb
parent 589
c290f8fd979e
child 591
7df0bcaecffa

fix missing zero-termination in strreplace

src/string.c file | annotate | diff | comparison | revisions
--- a/src/string.c	Tue Oct 04 18:49:14 2022 +0200
+++ b/src/string.c	Tue Oct 04 18:55:20 2022 +0200
@@ -550,8 +550,8 @@
 
 struct cx_strreplace_ibuf {
     size_t *buf;
-    unsigned int len; /* small indices */
     struct cx_strreplace_ibuf *next;
+    unsigned int len;
 };
 
 static void cx_strrepl_free_ibuf(struct cx_strreplace_ibuf *buf) {
@@ -637,7 +637,7 @@
             curbuf = curbuf->next;
         } while (curbuf);
         result.length = str.length + rcount * adjlen;
-        result.ptr = cxMalloc(allocator, result.length);
+        result.ptr = cxMalloc(allocator, result.length + 1);
         if (!result.ptr) {
             cx_strrepl_free_ibuf(firstbuf);
             return cx_mutstrn(NULL, 0);
@@ -668,6 +668,9 @@
     } while (curbuf);
     memcpy(destptr, str.ptr + srcidx, str.length - srcidx);
 
+    /* Result is guaranteed to be zero-terminated */
+    result.ptr[result.length] = '\0';
+
     /* Free index buffer */
     cx_strrepl_free_ibuf(firstbuf);
 

mercurial