← Back to branch summary

~ubuntu-branches/ubuntu/trusty/curl/trusty-updates

« back to all changes in this revision

Viewing changes to lib/strdup.c

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2014-11-06 10:53:58 UTC
  • Revision ID: package-import@ubuntu.com-20141106105358-e90s20tv3eobuukd
Tags: 7.35.0-1ubuntu2.2
* SECURITY UPDATE: sensitive data disclosure via duphandle read out of
  bounds
  - debian/patches/CVE-2014-3707.patch: properly copy memory aread in
    lib/formdata.c, lib/strdup.{c,h}, lib/url.c, lib/urldata.h,
    src/Makefile.inc, src/tool_setup.h, src/tool_strdup.{c,h}.
  - CVE-2014-3707

Show diffs side-by-side

added added

removed removed

Lines of Context:
lib/strdup.c
19
19
 * KIND, either express or implied.
20
20
 *
21
21
 ***************************************************************************/
22
 
/*
23
 
 * This file is 'mem-include-scan' clean. See test 1132.
24
 
 */
25
22
#include "curl_setup.h"
26
 
 
27
23
#include "strdup.h"
 
24
#include "curl_memory.h"
 
25
 
 
26
/* The last #include file should be: */
 
27
#include "memdebug.h"
28
28
 
29
29
#ifndef HAVE_STRDUP
30
30
char *curlx_strdup(const char *str)
50
50
 
51
51
}
52
52
#endif
 
53
 
 
54
/***************************************************************************
 
55
 *
 
56
 * Curl_memdup(source, length)
 
57
 *
 
58
 * Copies the 'source' data to a newly allocated buffer (that is
 
59
 * returned). Copies 'length' bytes.
 
60
 *
 
61
 * Returns the new pointer or NULL on failure.
 
62
 *
 
63
 ***************************************************************************/
 
64
char *Curl_memdup(const char *src, size_t length)
 
65
{
 
66
  char *buffer = malloc(length);
 
67
  if(!buffer)
 
68
    return NULL; /* fail */
 
69
 
 
70
  memcpy(buffer, src, length);
 
71
 
 
72
  return buffer;
 
73
}