Re: [libmicrohttpd] [SSL-Example] load_file(), terminate c-string with a

libmicrohttpd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [libmicrohttpd] [SSL-Example] load_file(), terminate c-string with a

From:	Christian Grothoff
Subject:	Re: [libmicrohttpd] [SSL-Example] load_file(), terminate c-string with a null-character?
Date:	Wed, 24 Aug 2016 14:37:50 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Icedove/38.6.0

Hi!

I think this is the one that was already fixed in SVN 36923 on Feb 29th
2016.  However, we failed to update the Web site version since, so I
should fix that...

-Christian

On 08/24/2016 02:31 PM, Weber, Peter (Wilken Software Engineering GmbH)
wrote:
> Hello!
> 
> I've used the example code from the PDF-Tutorial[1] and from the
> website [2] to build the foundation for the application im currently
> developing. Finally Valgrind reported an error "Invalid read of size 1"
> (valgrind --leak-check=yes ./yourapplication).
> 
> Maybe I'm wrong. I think the returned C-String should be terminated by
> the famous Null-Character, and therefore we also need to extend the
> allocated buffer from the heap by one byte.
> 
> Original-Code:
> -----------------------------------------------------------------------
> static char *
> load_file (const char *filename)
> {
>   FILE *fp;
>   char *buffer;
>   long size;
> 
>   size = get_file_size (filename);
>   if (size == 0)
>     return NULL;
> 
>   fp = fopen (filename, "rb");
>   if (!fp)
>     return NULL;
> 
>   buffer = malloc (size);
>   if (!buffer)
>     {
>       fclose (fp);
>       return NULL;
>     }
> 
>   if (size != fread (buffer, 1, size, fp))
>     {
>       free (buffer);
>       buffer = NULL;
>     }
> 
>   fclose (fp);
>   return buffer;
> }
> -----------------------------------------------------------------------
> Patch:
> -----------------------------------------------------------------------
> --- load_file.c 2016-08-24 14:27:51.871565051 +0200
> +++ new_load_file.c     2016-08-24 14:29:33.441565410 +0200
> @@ -13,7 +13,7 @@
>    if (!fp)
>      return NULL;
>  
> -  buffer = malloc (size);
> +  buffer = malloc (size + 1);
>    if (!buffer)
>      {
>        fclose (fp);
> @@ -26,6 +26,8 @@
>        buffer = NULL;
>      }
>  
> +  // null-termination of c-string
> +  buffer[size] = '\0';
>    fclose (fp);
>    return buffer;
>  }
> -----------------------------------------------------------------------
> 
> 
> 
> Thanks for your patience with me.
> Peter
> 
> [1]https://www.gnu.org/software/libmicrohttpd/tutorial.pdf
> [2]https://www.gnu.org/software/libmicrohttpd/tutorial.html#tlsauthenti
> cation_002ec
>

0xE29FC3CC.asc
Description: application/pgp-keys

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[libmicrohttpd] [SSL-Example] load_file(), terminate c-string with a null-character?, Weber, Peter (Wilken Software Engineering GmbH), 2016/08/24
- Re: [libmicrohttpd] [SSL-Example] load_file(), terminate c-string with a null-character?, Christian Grothoff <=

Prev by Date: [libmicrohttpd] [SSL-Example] load_file(), terminate c-string with a null-character?
Next by Date: [libmicrohttpd] libmicrohttpd 0.9.51 released
Previous by thread: [libmicrohttpd] [SSL-Example] load_file(), terminate c-string with a null-character?
Next by thread: [libmicrohttpd] libmicrohttpd 0.9.51 released
Index(es):
- Date
- Thread