From 2b4be69eee372e1010af2302e82c3d0cf1d875e9 Mon Sep 17 00:00:00 2001
From: Michael Brown
Date: Sun, 18 May 2014 21:05:39 +0100
Subject: [libc] Prevent strndup() from reading beyond the end of the string

strndup() may be called on a string which is not NUL-terminated.  Use
strnlen() instead of strlen() to ensure that we do not read beyond the
end of such a string.

Add self-tests for strndup(), including a test case with an
unterminated string.

Originally-fixed-by: Marin Hannache <git@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
---
 src/tests/string_test.c | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

(limited to 'src/tests')

diff --git a/src/tests/string_test.c b/src/tests/string_test.c
index 934c537cf..3b48d9f3d 100644
--- a/src/tests/string_test.c
+++ b/src/tests/string_test.c
@@ -134,6 +134,26 @@ static void string_test_exec ( void ) {
 		ok ( strcmp ( dup, orig ) == 0 );
 		free ( dup );
 	}
+
+	/* Test strndup() */
+	{
+		const char *normal = "testing testing";
+		const char unterminated[6] = { 'h', 'e', 'l', 'l', 'o', '!' };
+		char *dup;
+		dup = strndup ( normal, 32 );
+		ok ( dup != NULL );
+		ok ( dup != normal );
+		ok ( strcmp ( dup, normal ) == 0 );
+		free ( dup );
+		dup = strndup ( normal, 4 );
+		ok ( dup != NULL );
+		ok ( strcmp ( dup, "test" ) == 0 );
+		free ( dup );
+		dup = strndup ( unterminated, 5 );
+		ok ( dup != NULL );
+		ok ( strcmp ( dup, "hello" ) == 0 );
+		free ( dup );
+	}
 }
 
 /** String self-test */
-- 
cgit v1.2.3-55-g7522