ExternalVendorCode/genode
1
0
Fork 0
mirror of https://github.com/genodelabs/genode.git synced 2024-12-19 13:47:56 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

base: string length handling fix in Rpc_in_buffer

Browse Source 
If a null-terminated string exactly of length MAX (0 byte included) is
provided, it will be handled as invalid because of wrong string size length
checks.

Commit fixes this.

Discovered during #1486 development.
This commit is contained in:
Alexander Boettcher 2015-04-09 11:35:22 +02:00 committed by Christian Helmuth
parent 3c5fb420ca
commit 0ed45d92ff
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
repos/base/include/base/rpc_args.h
View File

@ -88,8 +88,8 @@ class Genode::Rpc_in_buffer : public Rpc_in_buffer_base
*/
Rpc_in_buffer(const char *str) : Rpc_in_buffer_base(str)
{
if (_size >= MAX_SIZE - 1)
_size = MAX_SIZE - 1;
if (_size >= MAX_SIZE)
_size = MAX_SIZE;
}
/**
@ -107,7 +107,7 @@ class Genode::Rpc_in_buffer : public Rpc_in_buffer_base
* Return true if buffer contains a valid null-terminated string
*/
bool is_valid_string() const {
return (_size < MAX_SIZE) && (_size > 0) && (_base[_size - 1] == '\0'); }
return (_size <= MAX_SIZE) && (_size > 0) && (_base[_size - 1] == '\0'); }
/**
* Return buffer content as null-terminated string