author | Berthold Stoeger <bstoeger@mail.tuwien.ac.at> | 2018-10-17 20:22:17 +0200 |
---|---|---|
committer | Lubomir I. Ivanov <neolit123@gmail.com> | 2018-10-21 19:56:02 +0300 |
commit | 9025694d12a5f259c7cff13074bd7c67804abd65 (patch) | |
tree | dcf093486a6e121a5a8e8c33f7d0fb854924a527 /core | |
parent | 28e3413ff66552f392fecee25068d634cdfe59fc (diff) | |
download | subsurface-9025694d12a5f259c7cff13074bd7c67804abd65.tar.gz |
Parser: free old string in utf8_string
The utf8_string() function is used to extract whitespace-trimmed
strings. The function would happily overwrite the pointer to
the old string, which could therefore leak (suppose an XML has
redundant attributes).
Therefore preemptively free the string output parameter. This makes
it of course necessary to only pass in NULL-initialized pointers
or pointers to owned strings.
The code survives the current set of parser-tests.
Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
Diffstat (limited to 'core')
-rw-r--r-- | core/parse.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/core/parse.c b/core/parse.c index 76b66733f..005a971e5 100644 --- a/core/parse.c +++ b/core/parse.c @@ -394,10 +394,16 @@ void userid_stop(void) in_userid = false; } +/* + * Copy whitespace-trimmed string. Warning: the passed in string will be freed, + * therefore make sure to only pass in to NULL-initialized pointers or pointers + * to owned strings + */ void utf8_string(char *buffer, void *_res) { char **res = _res; int size; + free(*res); size = trimspace(buffer); if(size) *res = strdup(buffer); |
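Review bot: in utf8_string(), the added `free(*res);` leaves `*res` pointing at freed memory whenever trimspace() returns 0, because the pointer is only reassigned under `if(size)`. With the redundant-attribute input the commit message describes, a second value that is empty or whitespace-only would leave the caller holding a dangling pointer, and the next call on the same field would free it again. Reset the pointer right after the free (`*res = NULL;`) or assign unconditionally, for example `*res = size ? strdup(buffer) : NULL;`. Minor: the new comment says "pass in to NULL-initialized pointers"; drop the stray "to".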