(header_get_field_name): Fix buffer overflow (IDEF0957).
Showing
1 changed file
with
1 additions
and
1 deletions
| ... | @@ -710,7 +710,7 @@ header_get_field_name (header_t header, size_t num, char *buf, | ... | @@ -710,7 +710,7 @@ header_get_field_name (header_t header, size_t num, char *buf, |
| 710 | { | 710 | { |
| 711 | /* save one for the null */ | 711 | /* save one for the null */ |
| 712 | --buflen; | 712 | --buflen; |
| 713 | len = (len > buflen) ? len : len; | 713 | len = (len > buflen) ? buflen : len; |
| 714 | memcpy (buf, header->hdr[num].fn, len); | 714 | memcpy (buf, header->hdr[num].fn, len); |
| 715 | buf[len] = '\0'; | 715 | buf[len] = '\0'; |
| 716 | } | 716 | } | ... | ... |
-
Please register or sign in to post a comment