author: Jo-Philipp Wich <jo@mein.io> 2022-03-14 14:40:18 +0100
committer: Jo-Philipp Wich <jo@mein.io> 2022-03-14 14:40:18 +0100
commit: 73dcd7837023939063ad89681c8d4e7392a310fe (patch)
tree: 8d50b4e8856fdd992ab690cccad947873016a4db /tests/custom/03_stdlib/31_arrtoip
parent: 8fd4746da31b945a6259ac846f7cf8dcfef0b1ef (diff)

lib: fix potential integer underflow on empty render output

The current `uc_render()` implementation uses a `fseek()` call on the `open_memstream()` provided `FILE *` stream to reserve headroom for the `uc_string_t` header. The `fseek()` call alone does not guarantee that the underlying buffer length is updated on all libc implementations though.

This may lead to an integer underflow later on when the `uc_string_t` header length is subtracted from the buffer length after invoking a template that did not produce any output write operations. In such a case, a very large value is assigned to `ustr->length` leading to uninitialized or out-of-bounds memory accesses later on.

Solve this issue by writing the header structure as data using `fwrite()` which should yield the expected behaviour on all libc environments.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

Diffstat (limited to 'tests/custom/03_stdlib/31_arrtoip')
0 files changed, 0 insertions, 0 deletions
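
The length arithmetic described in the commit message, as an added example that is not code from the ucode repository: it contrasts reserving header room with `fseek()` against writing the header with `fwrite()`, and shows the unchecked subtraction next to a bounds-checked one. `hdr_t` and all function names are hypothetical stand-ins, not ucode's `uc_string_t` or its API.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* open_memstream() */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a string header; not ucode's uc_string_t. */
typedef struct { size_t refcount; size_t length; } hdr_t;

/* Render `out` (possibly empty) behind a header and return the raw buffer
 * length open_memstream() reports after fclose(). use_fwrite == 0 reserves
 * headroom with fseek() only; use_fwrite == 1 writes the header as data. */
static size_t render_raw_len(const char *out, int use_fwrite)
{
    char *buf = NULL; size_t len = 0;
    hdr_t hdr = { 1, 0 };
    FILE *fp = open_memstream(&buf, &len);
    if (!fp) return 0;
    if (use_fwrite)
        fwrite(&hdr, 1, sizeof(hdr), fp);
    else
        fseek(fp, (long)sizeof(hdr), SEEK_SET);  /* length update is libc dependent */
    fwrite(out, 1, strlen(out), fp);
    fclose(fp);                                  /* buf and len are final after this */
    free(buf);
    return len;
}

/* Unchecked subtraction: wraps to a huge size_t when raw_len < sizeof(hdr_t). */
static size_t payload_len_unchecked(size_t raw_len) { return raw_len - sizeof(hdr_t); }

/* Checked variant: rejects a buffer that is shorter than the header. */
static int payload_len_checked(size_t raw_len, size_t *payload)
{
    if (raw_len < sizeof(hdr_t))
        return -1;
    *payload = raw_len - sizeof(hdr_t);
    return 0;
}

int main(void)
{
    printf("fseek only, empty output: raw length %zu\n", render_raw_len("", 0));
    printf("fwrite header, empty output: raw length %zu\n", render_raw_len("", 1));
    printf("raw length 0, unchecked payload: %zu\n", payload_len_unchecked(0));
    return 0;
}
```

The first printed value differs between libc implementations, which is the portability gap the commit message describes; the second is always `sizeof(hdr_t)`.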