Bug 1192982 - increase buffer size, memset it to 0 and then do the right way strncpy. r=jaas
authorBogdan Postelnicu <bogdan.postelnicu>
Fri, 27 Nov 2015 06:24:00 +0100
changeset 314612 3394473d21016267c9f430a269c209cf623646bd
parent 314611 c798c2576ad4228df74ac4dd69c702ebe9e3ecce
child 314613 ecdefe80c366986377373daed8b21cafc147a477
push id8237
push userjbeich@vfemail.net
push dateTue, 08 Dec 2015 12:55:06 +0000
reviewersjaas
bugs1192982
milestone45.0a1
Bug 1192982 - increase buffer size, memset it to 0 and then do the right way strncpy. r=jaas
dom/plugins/test/testplugin/nptest.cpp
--- a/dom/plugins/test/testplugin/nptest.cpp
+++ b/dom/plugins/test/testplugin/nptest.cpp
@@ -423,18 +423,23 @@ static void clearIdentifiers()
   memset(sPluginPropertyIdentifiers, 0,
       MOZ_ARRAY_LENGTH(sPluginPropertyIdentifiers) * sizeof(NPIdentifier));
 
   sIdentifiersInitialized = false;
 }
 
 static void addRange(InstanceData* instanceData, const char* range)
 {
-  char rangestr[16];
-  strncpy(rangestr, range, sizeof(rangestr));
+  /*
+  increased rangestr size from 16 to 17, the 17byte is only for
+  null terminated value, maybe for actual capacity it needs 16 bytes
+  */
+  char rangestr[17];
+  memset(rangestr, 0, sizeof(rangestr));
+  strncpy(rangestr, range, sizeof(rangestr) - sizeof(char));
   const char* str1 = strtok(rangestr, ",");
   const char* str2 = str1 ? strtok(nullptr, ",") : nullptr;
   if (str1 && str2) {
     TestRange* byterange = new TestRange;
     byterange->offset = atoi(str1);
     byterange->length = atoi(str2);
     byterange->waiting = true;
     byterange->next = instanceData->testrange;