isc_mem_get question/bug
Evan Hunt
each at isc.org
Thu Nov 6 17:28:57 UTC 2014
On Fri, Nov 07, 2014 at 04:20:46AM +1100, Joshua Rogers wrote:
> > filenamelen += strlen(dsdir) + 1;
>
> The last line, "sprintf(filename, "%s/", dsdir);".
> Since "/" is also added to the buffer, doesn't that mean the buffer will
> be overflowed by one byte if the dsdir is full?
The allocated buffer size is "filenamelen + 1", which includes space for
"strlen(dsdir) + 1" if dsdir is not NULL.
The first "+ 1" is there to make room for a null terminator; the second
is there to make room for the slash.
--
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.
More information about the bind-users
mailing list