diff options
author | Mike Frysinger <vapier@gentoo.org> | 2007-04-11 22:52:20 +0000 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2007-04-11 22:52:20 +0000 |
commit | 58f5f42180d51e34050f09be39f3a1be1579e5bb (patch) | |
tree | ce082d9f329630cb6ccd9feba33b00e57404f340 | |
parent | 8334b87bcb31180c70a40ee78e549840fd2d9c0a (diff) |
POSIX says you can use realloc() to shrink buffers ... make sure we dont trigger a buffer overflow in that case
-rw-r--r-- | libc/stdlib/malloc-simple/alloc.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/libc/stdlib/malloc-simple/alloc.c b/libc/stdlib/malloc-simple/alloc.c index 321f31932..6689ef409 100644 --- a/libc/stdlib/malloc-simple/alloc.c +++ b/libc/stdlib/malloc-simple/alloc.c @@ -91,7 +91,8 @@ void *realloc(void *ptr, size_t size) newptr = malloc(size); if (newptr) { - memcpy(newptr, ptr, *((size_t *) (ptr - sizeof(size_t)))); + size_t old_size = *((size_t *) (ptr - sizeof(size_t))); + memcpy(newptr, ptr, (old_size < size ? old_size : size)); free(ptr); } return newptr; |