diff options
author | Tim Kientzle <kientzle@gmail.com> | 2014-09-25 18:51:57 -0700 |
---|---|---|
committer | Tim Kientzle <kientzle@gmail.com> | 2014-09-25 18:51:57 -0700 |
commit | c1732828cd802c26e18891c4c95f49c15819c985 (patch) | |
tree | 9ac3d1c9fe533e73c3e7e2343cd07c154c841ee7 /libarchive/archive_util.c | |
parent | 8774bc55cbc897e3b8668bea3c8c50d7b61d5836 (diff) | |
download | libarchive-c1732828cd802c26e18891c4c95f49c15819c985.tar.gz |
Issue 378: compute string pointers after concatenation, to protect against reallocation moving the string
Diffstat (limited to 'libarchive/archive_util.c')
-rw-r--r-- | libarchive/archive_util.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/libarchive/archive_util.c b/libarchive/archive_util.c index 1b685d10..3a951c81 100644 --- a/libarchive/archive_util.c +++ b/libarchive/archive_util.c @@ -330,10 +330,11 @@ __archive_mktemp(const char *tmpdir) /* * Create a temporary file. */ + const wchar_t *suffix = L"XXXXXXXXXX"; archive_wstrcat(&temp_name, L"libarchive_"); - xp = temp_name.s + archive_strlen(&temp_name); - archive_wstrcat(&temp_name, L"XXXXXXXXXX"); + archive_wstrcat(&temp_name, suffix); ep = temp_name.s + archive_strlen(&temp_name); + xp = ep - wcslen(suffix); if (!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { |