TagString: use strndup() for unterminated string

Fixes buffer overflow bug.
author: Max Kellermann <max@duempel.org> 2014-10-10 22:06:48 +0200
committer: Max Kellermann <max@duempel.org> 2014-10-10 22:06:48 +0200
commit: 6520589a376bfc7ffbee899e6f689dd6319d2e68 (patch)
tree: 97c504bc3f54e0cb65ef9d1466a3471abba5e239 /src
parent: f445b0178ab84ec1484df9de4bd10663819efcc6 (diff)
download: mpd-6520589a376bfc7ffbee899e6f689dd6319d2e68.tar.gz
mpd-6520589a376bfc7ffbee899e6f689dd6319d2e68.tar.xz
mpd-6520589a376bfc7ffbee899e6f689dd6319d2e68.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/src/tag/TagString.cxx b/src/tag/TagString.cxx
index 22fbfc0b8..3a0f0b3f5 100644
--- a/src/tag/TagString.cxx
+++ b/src/tag/TagString.cxx
@@ -39,7 +39,7 @@ patch_utf8(const char *src, size_t length, const gchar *end)
 {
 	/* duplicate the string, and replace invalid bytes in that
 	   buffer */
-	char *dest = xstrdup(src);
+	char *dest = xstrndup(src, length);
 
 	do {
 		dest[end - src] = '?';
author	Max Kellermann <max@duempel.org>	2014-10-10 22:06:48 +0200
committer	Max Kellermann <max@duempel.org>	2014-10-10 22:06:48 +0200
commit	6520589a376bfc7ffbee899e6f689dd6319d2e68 (patch)
tree	97c504bc3f54e0cb65ef9d1466a3471abba5e239 /src
parent	f445b0178ab84ec1484df9de4bd10663819efcc6 (diff)
download	mpd-6520589a376bfc7ffbee899e6f689dd6319d2e68.tar.gz mpd-6520589a376bfc7ffbee899e6f689dd6319d2e68.tar.xz mpd-6520589a376bfc7ffbee899e6f689dd6319d2e68.zip