Removed potential buffer overflow.
authorMandeep Shetty <mandeep.shetty@intel.com>
Thu, 19 Mar 2015 00:44:18 +0000 (17:44 -0700)
committerErich Keane <erich.keane@intel.com>
Thu, 19 Mar 2015 17:36:51 +0000 (17:36 +0000)
Malloc based on strlen() did not acount for the null character.

Change-Id: Iff9fed3e684e26576d24d9607ebd5afefec32ef0
Signed-off-by: Mandeep Shetty <mandeep.shetty@intel.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/504
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Erich Keane <erich.keane@intel.com>
resource/csdk/stack/src/ocstack.c

index f8fb72a8a08a947da76ac6e841eecee923ecd98e..01a1424697f652fe645843f2e932083834202485 100644 (file)
@@ -377,7 +377,7 @@ void parsePresencePayload(char* payload, uint32_t* seqNum, uint32_t* maxAge, cha
 
     if(tok)
     {
-        *resType = (char *)OCMalloc(strlen(tok));
+        *resType = (char *)OCMalloc(strlen(tok) + 1);
         if(!*resType)
         {
             return;