mifr/subsurface
1
0
Fork 0
mirror of https://github.com/subsurface/subsurface.git synced 2025-01-19 06:15:26 +00:00
Code Issues Projects Releases Packages Wiki Activity

Parser: free old string in utf8_string

Browse source 
The utf8_string() function is used to extract whitespace-trimmed
strings. The function would happily overwrite the pointer to
the old string, which could therefore leak (suppose an XML has
redundant attributes).

Therefore preemtively free the string output parameter. This makes
it of course necessary to only pass in NULL-initialized pointers
or pointers to owned string.

The code survives the current set of parser-tests.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
This commit is contained in:
Berthold Stoeger 2018-10-17 20:22:17 +02:00 committed by Lubomir I. Ivanov
parent 28e3413ff6
commit 9025694d12
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
core/parse.c
View file

@ -394,10 +394,16 @@ void userid_stop(void)
in_userid = false;
}
/*
* Copy whitespace-trimmed string. Warning: the passed in string will be freed,
* therefore make sure to only pass in to NULL-initialized pointers or pointers
* to owned strings
*/
void utf8_string(char *buffer, void *_res)
{
char **res = _res;
int size;
free(*res);
size = trimspace(buffer);
if(size)
*res = strdup(buffer);