util: use strnlen() in strndup() implementations

If the string being copied is not NULL-terminated the result of
strlen() is undefined.

Signed-off-by: Samuel Iglesias Gonsalvez <siglesias@igalia.com>
Reviewed-by: Neil Roberts <neil@linux.intel.com>
Reviewed-by: Jose Fonseca <jfonseca@vmware.com>

diff --git a/src/util/ralloc.c b/src/util/ralloc.c
index 01719c8..e07fce7 100644 (file)
--- a/src/util/ralloc.c
+++ b/src/util/ralloc.c
@@ -359,10 +359,7 @@ ralloc_strndup(const void *ctx, const char *str, size_t max)
    if (unlikely(str == NULL))
       return NULL;
 
-   n = strlen(str);
-   if (n > max)
-      n = max;
-
+   n = strnlen(str, max);
    ptr = ralloc_array(ctx, char, n + 1);
    memcpy(ptr, str, n);
    ptr[n] = '\0';

diff --git a/src/util/strndup.c b/src/util/strndup.c
index ca1c6f5..5ceb32f 100644 (file)
--- a/src/util/strndup.c
+++ b/src/util/strndup.c
@@ -35,10 +35,7 @@ strndup(const char *str, size_t max)
    if (!str)
       return NULL;
 
-   n = strlen(str);
-   if (n > max)
-      n = max;
-
+   n = strnlen(str, max);
    ptr = (char *) calloc(n + 1, sizeof(char));
    if (!ptr)
       return NULL;