24 lines
862 B
Diff
24 lines
862 B
Diff
From 3070f11991cc2014685a28c0eaa1e033ffa8fe30 Mon Sep 17 00:00:00 2001
|
|
From: "Hong, Yang A" <yang.a.hong@intel.com>
|
|
Date: Thu, 28 Apr 2022 10:11:32 +0000
|
|
Subject: [PATCH] bugfix: fix overflow risk of strlen function
|
|
|
|
---
|
|
src/compiler/compiler.cpp | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/src/compiler/compiler.cpp b/src/compiler/compiler.cpp
|
|
index 6f993ffe..35f46b3f 100644
|
|
--- a/src/compiler/compiler.cpp
|
|
+++ b/src/compiler/compiler.cpp
|
|
@@ -323,7 +323,8 @@ void addExpression(NG &ng, unsigned index, const char *expression,
|
|
}
|
|
|
|
// Ensure that our pattern isn't too long (in characters).
|
|
- if (strlen(expression) > cc.grey.limitPatternLength) {
|
|
+ size_t maxlen = cc.grey.limitPatternLength + 1;
|
|
+ if (strnlen(expression, maxlen) >= maxlen) {
|
|
throw CompileError("Pattern length exceeds limit.");
|
|
}
|
|
|