From 26ca0e94787e1a6bc56bf8f25556e47fe09147e3 Mon Sep 17 00:00:00 2001
From: Hwankyu Jhun <h.jhun@samsung.com>
Date: Fri, 13 Oct 2017 08:46:16 +0900
Subject: [PATCH] Fix the exception handling

- Uses strnlen() instead of strlen()

Change-Id: I6339d45ae0d903a7a3e59c537f304362b8e09316
Signed-off-by: Hwankyu Jhun <h.jhun@samsung.com>
---
 src/keyval.c       | 6 ++++--
 src/keyval_array.c | 6 ++++--
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/keyval.c b/src/keyval.c
index 8c7a42f..e3f906a 100755
--- a/src/keyval.c
+++ b/src/keyval.c
@@ -19,6 +19,7 @@
  * Implementation of keyval object
  */
 
+#define _GNU_SOURCE
 #include <stdlib.h>
 
 #include "keyval_type.h"
@@ -247,12 +248,13 @@ size_t keyval_decode(unsigned char *byte, keyval_t **kv, size_t byte_size)
 	byte_size -= sz_keysize;
 	p += sz_keysize;
 	key = (char *)p;
-	if ((strlen(key) + 1) != keysize)
-		return 0;
 
 	if (byte_size < keysize)
 		return 0;
 
+	if (!key || (strnlen(key, keysize) + 1) != keysize)
+		return 0;
+
 	byte_size -= keysize;
 	p += keysize;
 	size = *((size_t *)p);
diff --git a/src/keyval_array.c b/src/keyval_array.c
index f9c32b1..e05f79c 100755
--- a/src/keyval_array.c
+++ b/src/keyval_array.c
@@ -19,6 +19,7 @@
  * Implementation of keyval_array object
  */
 
+#define _GNU_SOURCE
 #include <stdlib.h>
 #include <string.h>
 
@@ -361,12 +362,13 @@ size_t keyval_array_decode(void *byte, keyval_array_t **kva, size_t byte_size)
 	byte_size -= sz_keysize;
 	p += sz_keysize;
 	key = (char *)p;
-	if ((strlen(key) + 1) != keysize)
-		return 0;
 
 	if (byte_size < keysize)
 		return 0;
 
+	if (!key || (strnlen(key, keysize) + 1) != keysize)
+		return 0;
+
 	byte_size -= keysize;
 	p += keysize;
 	len = *((unsigned int *)p);
-- 
2.7.4