From c37f7abb79b6c9f30a77ea605b18674acc5ffff2 Mon Sep 17 00:00:00 2001 From: Max Kellermann Date: Fri, 10 Oct 2014 22:06:48 +0200 Subject: [PATCH] TagString: use g_strndup() for unterminated string Fixes buffer overflow bug. --- src/tag/TagString.cxx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/tag/TagString.cxx b/src/tag/TagString.cxx index 3e8d8c1b0..9ab095249 100644 --- a/src/tag/TagString.cxx +++ b/src/tag/TagString.cxx @@ -33,7 +33,7 @@ patch_utf8(const char *src, size_t length, const gchar *end) { /* duplicate the string, and replace invalid bytes in that buffer */ - char *dest = g_strdup(src); + char *dest = g_strndup(src, length); do { dest[end - src] = '?';