QA corner: possible buffer overflow.

author František Dvořák <valtri@civ.zcu.cz>

Thu, 14 Feb 2013 20:53:12 +0000 (21:53 +0100)

committer František Dvořák <valtri@civ.zcu.cz>

Thu, 14 Feb 2013 20:53:12 +0000 (21:53 +0100)
author František Dvořák <valtri@civ.zcu.cz>
Thu, 14 Feb 2013 20:53:12 +0000 (21:53 +0100)
committer František Dvořák <valtri@civ.zcu.cz>
Thu, 14 Feb 2013 20:53:12 +0000 (21:53 +0100)
diff --git a/org.glite.lb.server/src/lb_text.c b/org.glite.lb.server/src/lb_text.c

index 31d6536..9e15bea 100644 (file)
--- a/org.glite.lb.server/src/lb_text.c
+++ b/org.glite.lb.server/src/lb_text.c
@@ -295,7 +295,7 @@ int edg_wll_ConfigurationToText(edg_wll_Context ctx, int admin, char **message){
                 if (ctx->authz_policy_file && (fd = open(ctx->authz_policy_file, O_RDONLY)) >= 0){
                         off_t size = lseek(fd, 0, SEEK_END) - lseek(fd, 0, SEEK_SET);
                         if (size){
-                               char *pft = (char*)calloc(sizeof(char), size);
+                               char *pft = (char*)calloc(sizeof(char), size + 1);
                                 read(fd, pft, size);
                                 close(fd);
                                 pf = escape_text(pft);
author	František Dvořák <valtri@civ.zcu.cz>
	Thu, 14 Feb 2013 20:53:12 +0000 (21:53 +0100)
committer	František Dvořák <valtri@civ.zcu.cz>
	Thu, 14 Feb 2013 20:53:12 +0000 (21:53 +0100)