tor

The Tor anonymity network
git clone https://git.dasho.dev/tor.git
Log | Files | Refs | README | LICENSE
commit f2ddfdd50e52f9a6aa4afafccb5ad5e04f79e2cc
parent cec6f9919d3128646d85c75d08338bea4b31bffa
Author: trinity-1686a <trinity@deuxfleurs.fr>
Date:   Wed, 15 Nov 2023 02:01:34 +0100

add sanity check in tor_memmem

it's believed most libc already have those, but just in case, it can't
hurt

Diffstat:

Msrc/lib/string/util_string.c | 2++


1 file changed, 2 insertions(+), 0 deletions(-)

diff --git a/src/lib/string/util_string.c b/src/lib/string/util_string.c
@@ -31,6 +31,8 @@ tor_memmem(const void *_haystack, size_t hlen,
 {
 #if defined(HAVE_MEMMEM) && (!defined(__GNUC__) || __GNUC__ >= 2)
   raw_assert(nlen);
+  if (nlen > hlen)
+    return NULL;
   return memmem(_haystack, hlen, _needle, nlen);
 #else
   /* This isn't as fast as the GLIBC implementation, but it doesn't need to