Fix buffer overrun; str_ptyp data blocks are raw byte arrays and not strings,

author David Given <dg@cowlark.com>

Mon, 30 Jan 2017 18:37:22 +0000 (18:37 +0000)

committer David Given <dg@cowlark.com>

Mon, 30 Jan 2017 18:37:22 +0000 (18:37 +0000)
author David Given <dg@cowlark.com>
Mon, 30 Jan 2017 18:37:22 +0000 (18:37 +0000)
committer David Given <dg@cowlark.com>
Mon, 30 Jan 2017 18:37:22 +0000 (18:37 +0000)
diff --git a/mach/proto/mcg/parse_em.c b/mach/proto/mcg/parse_em.c

index d4bdeed..441b14e 100644 (file)
--- a/mach/proto/mcg/parse_em.c
+++ b/mach/proto/mcg/parse_em.c
@@ -237,8 +237,12 @@ static void parse_pseu(void)
                  }
  
                                 case str_ptyp:
-                    data_block((const uint8_t*) strdup(em.em_string), em.em_size, ro);
+                {
+                    uint8_t* copy = malloc(em.em_size);
+                    memcpy(copy, em.em_string, em.em_size);
+                    data_block(copy, em.em_size, ro);
                                         break;
+                }
  
                  case cst_ptyp:
                      data_int(em.em_cst, EM_wordsize, ro);
author	David Given <dg@cowlark.com>
	Mon, 30 Jan 2017 18:37:22 +0000 (18:37 +0000)
committer	David Given <dg@cowlark.com>
	Mon, 30 Jan 2017 18:37:22 +0000 (18:37 +0000)