summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Frysinger <vapier@gentoo.org>2007-04-11 22:52:20 +0000
committerMike Frysinger <vapier@gentoo.org>2007-04-11 22:52:20 +0000
commit58f5f42180d51e34050f09be39f3a1be1579e5bb (patch)
treece082d9f329630cb6ccd9feba33b00e57404f340
parent8334b87bcb31180c70a40ee78e549840fd2d9c0a (diff)
POSIX says you can use realloc() to shrink buffers ... make sure we dont trigger a buffer overflow in that case
-rw-r--r--libc/stdlib/malloc-simple/alloc.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/libc/stdlib/malloc-simple/alloc.c b/libc/stdlib/malloc-simple/alloc.c
index 321f31932..6689ef409 100644
--- a/libc/stdlib/malloc-simple/alloc.c
+++ b/libc/stdlib/malloc-simple/alloc.c
@@ -91,7 +91,8 @@ void *realloc(void *ptr, size_t size)
newptr = malloc(size);
if (newptr) {
- memcpy(newptr, ptr, *((size_t *) (ptr - sizeof(size_t))));
+ size_t old_size = *((size_t *) (ptr - sizeof(size_t)));
+ memcpy(newptr, ptr, (old_size < size ? old_size : size));
free(ptr);
}
return newptr;