From a9f17952b8655c981638b3243d795961538d8998 Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Sat, 5 Apr 2003 22:24:12 +0000 Subject: Update. * sunrpc/xdr.c (xdr_string): Catch nodesize == 0 [PR libc/4999]. --- sunrpc/xdr.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'sunrpc') diff --git a/sunrpc/xdr.c b/sunrpc/xdr.c index dbe1d88..d99a998 100644 --- a/sunrpc/xdr.c +++ b/sunrpc/xdr.c @@ -704,6 +704,13 @@ xdr_string (xdrs, cpp, maxsize) return FALSE; } nodesize = size + 1; + if (nodesize == 0) + { + /* This means an overflow. It a bug in the caller which + provided a too large maxsize but nevertheless catch it + here. */ + return FALSE; + } /* * now deal with the actual bytes @@ -711,10 +718,6 @@ xdr_string (xdrs, cpp, maxsize) switch (xdrs->x_op) { case XDR_DECODE: - if (nodesize == 0) - { - return TRUE; - } if (sp == NULL) *cpp = sp = (char *) mem_alloc (nodesize); if (sp == NULL) -- cgit v1.1