diff options
author | Philip Withnall <withnall@endlessm.com> | 2020-06-10 13:26:14 +0100 |
---|---|---|
committer | Philip Withnall <withnall@endlessm.com> | 2020-06-10 13:26:14 +0100 |
commit | e86dd776552224dfc06818b45257066d4ed5bb25 (patch) | |
tree | 35c174338ed87efbd4dd69901af4021c20ebb39b | |
parent | 98b89b739a86c4bbbeda84a1fc71c2d7142d1c25 (diff) | |
download | glib-e86dd776552224dfc06818b45257066d4ed5bb25.tar.gz |
gfileutils: Correct operator precedence to avoid undefined pointer maths
`base` can be `-1` in some situations, which would lead to pointing
outside an allocation area if the sums were evaluated as `(file_name +
base) + 1` rather than `file_name + (base + 1)`.
I don’t see how this can practically cause an issue, as the arithmetic
is all finished before anything’s dereferenced, but let’s keep to the
letter of the C standard to avoid this coming up in code audits in
future.
Fix suggested by fablhx.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Closes: #2077
-rw-r--r-- | glib/gfileutils.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/glib/gfileutils.c b/glib/gfileutils.c index f0799e212..ede22b889 100644 --- a/glib/gfileutils.c +++ b/glib/gfileutils.c @@ -2397,7 +2397,7 @@ g_path_get_basename (const gchar *file_name) len = last_nonslash - base; retval = g_malloc (len + 1); - memcpy (retval, file_name + base + 1, len); + memcpy (retval, file_name + (base + 1), len); retval [len] = '\0'; return retval; |