From b958eb830cae0f473a2130b5cd57de7ffc0c0e96 Mon Sep 17 00:00:00 2001
From: Marcus Meissner
Date: Sat, 2 Feb 2019 19:04:59 +0100
Subject: [PATCH] handle non-0 terminated value returns as failure

---
 test/test-fuzzer.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/test/test-fuzzer.c b/test/test-fuzzer.c
index d72f6d1..2af7288 100644
--- a/test/test-fuzzer.c
+++ b/test/test-fuzzer.c
@@ -34,9 +34,12 @@ void content_foreach_func(ExifEntry *entry, void *callback_data);
 void content_foreach_func(ExifEntry *entry, void *UNUSED(callback_data))
 {
- char buf[2000];
+ char buf[2001];

- exif_entry_get_value(entry, buf, sizeof(buf));
+ /* ensure \0 */
+ buf[sizeof(buf)-1] = 0;
+ buf[sizeof(buf)-2] = 0;
+ exif_entry_get_value(entry, buf, sizeof(buf)-1);
 printf(" Entry %p: %s (%s)\n"
 " Size, Comps: %d, %d\n"
 " Value: %s\n",
@@ -45,7 +48,8 @@ void content_foreach_func(ExifEntry *entry, void *UNUSED(callback_data))
 exif_format_get_name(entry->format),
 entry->size,
 (int)(entry->components),
- exif_entry_get_value(entry, buf, sizeof(buf)));
+ exif_entry_get_value(entry, buf, sizeof(buf)-1));
+ if (buf[sizeof(buf)-2] != 0) abort();
 }
-- 
2.7.4
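Review bot: Only the last two bytes of `buf` are initialised at the top of `content_foreach_func`, so every other byte is indeterminate if `exif_entry_get_value()` returns without writing; whether the library clears the buffer itself is not visible in this patch. Declaring `char buf[2001] = {0};` zeroes the whole array and makes the two explicit stores redundant. The `/* ensure \0 */` comment should also say what each byte is for, e.g. `/* buf[sizeof(buf)-1]: guard NUL outside the length given to the library; buf[sizeof(buf)-2]: last byte it may write, must stay 0 if the value was terminated */`. The function body continues past this hunk.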
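Review bot: The new check before the closing brace looks only at `buf[sizeof(buf)-2]`; the guard byte `buf[sizeof(buf)-1]` is set earlier but never verified, so a write one past the length handed to the library is not reported. Extending it to `if (buf[sizeof(buf)-2] != 0 || buf[sizeof(buf)-1] != 0) abort();` at least catches a non-zero overwrite of the guard. An `fprintf(stderr, ...)` naming `entry->tag` before the `abort()` would make the resulting fuzzer crash easier to triage. `abort()` needs `<stdlib.h>`, and the include list is outside this hunk, so confirm it is present.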