diff options
author | Carlos Garnacho <carlosg@gnome.org> | 2023-05-04 12:08:47 +0200 |
---|---|---|
committer | Carlos Garnacho <carlosg@gnome.org> | 2023-05-04 12:08:47 +0200 |
commit | 16ab9f02340cb2ded6dfd503eb476744b93fa13f (patch) | |
tree | fb863b3c082f29058f8e3176cf69cf5c745093a0 | |
parent | 126fe9b4cbc95077db805e24bb689f22b56120b1 (diff) | |
download | tracker-16ab9f02340cb2ded6dfd503eb476744b93fa13f.tar.gz |
core: Avoid possible buffer overruns
In some circumstances we may pass -1 as len to g_strndup(), that
does not follow the "-1 means strlen()" convention. Do this
ourselves.
CIDs: #1530151, #1530152
-rw-r--r-- | src/libtracker-sparql/core/tracker-db-interface-sqlite.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/libtracker-sparql/core/tracker-db-interface-sqlite.c b/src/libtracker-sparql/core/tracker-db-interface-sqlite.c index 2aa493ca9..6b3482435 100644 --- a/src/libtracker-sparql/core/tracker-db-interface-sqlite.c +++ b/src/libtracker-sparql/core/tracker-db-interface-sqlite.c @@ -1639,13 +1639,15 @@ function_sparql_print_value (sqlite3_context *context, sqlite3_result_value (context, argv[0]); } else if (prop_type == TRACKER_PROPERTY_TYPE_DATE) { const gchar *value, *end; - int len = -1; + gsize len; value = sqlite3_value_text (argv[0]); /* Drop time data if we are given a xsd:dateTime as a xsd:date */ end = strchr (value, 'T'); if (end) len = end - value; + else + len = strlen (value); sqlite3_result_text (context, g_strndup (value, len), |