diff options
| -rw-r--r-- | CHANGES | 4 | ||||
| -rw-r--r-- | RELEASE-NOTES | 1 | ||||
| -rw-r--r-- | lib/strdup.c | 8 |
3 files changed, 11 insertions, 2 deletions
@@ -6,6 +6,10 @@ Changelog +Yang Tse (6 Feb 2008) +- Fix an issue in strdup replacement function when dealing with absolutely + huge strings. Only systems without a standard strdup would be affected. + Daniel S (3 Feb 2008) - Dmitry Kurochkin cleaned up the pipelining code and removed the need for and use of the "is_in_pipeline" struct field. diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 9c590e55d..09c7c7513 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -15,6 +15,7 @@ This release includes the following changes: This release includes the following bugfixes: o improved pipelining + o improved strdup replacement This release includes the following known bugs: diff --git a/lib/strdup.c b/lib/strdup.c index 97a4890e0..eef9e08ec 100644 --- a/lib/strdup.c +++ b/lib/strdup.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -27,13 +27,17 @@ #ifndef HAVE_STRDUP char *curlx_strdup(const char *str) { - int len; + size_t len; char *newstr; if(!str) return (char *)NULL; len = strlen(str); + + if(len >= ((size_t)-1) / sizeof(char)) + return (char *)NULL; + newstr = (char *) malloc((len+1)*sizeof(char)); if(!newstr) return (char *)NULL; |