From d61d86c73104d1aa84fd6ca506c2230e67727b17 Mon Sep 17 00:00:00 2001 From: Julian Andres Klode Date: Mon, 7 Oct 2024 15:55:44 +0200 Subject: ftparchive: Mystrdup: Add safety check and bump buffer size Add a safety check to ensure that the block were are allocating actually fits the string we want to write. If it doesn't, abort the program. While we are here, bump the buffer size from 40 KiB to 4 MiB, because why bother with smaller buffers. --- ftparchive/contents.cc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ftparchive/contents.cc b/ftparchive/contents.cc index 4835cc6dd..be75c4706 100644 --- a/ftparchive/contents.cc +++ b/ftparchive/contents.cc @@ -72,7 +72,9 @@ char *GenContents::Mystrdup(const char *From) unsigned int Len = strlen(From) + 1; if (StrLeft <= Len) { - StrLeft = 4096*10; + StrLeft = 4 * 1024 * 1024; + if (unlikely(StrLeft <= Len)) + abort(); StrPool = (char *)malloc(StrLeft); BigBlock *Block = new BigBlock; -- cgit v1.2.3-70-g09d2