TagString: use g_strndup() for unterminated string

Fixes buffer overflow bug.
author: Max Kellermann <max@duempel.org> 2014-10-10 22:06:48 +0200
committer: Max Kellermann <max@duempel.org> 2014-11-02 11:48:13 +0100
commit: c37f7abb79b6c9f30a77ea605b18674acc5ffff2 (patch)
tree: 12f1d051089d0c1238c86c61886cd3d2f3fa9fee /src/tag
parent: 432ce9b1de0f89e0f714d182980d5a562024faa5 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/src/tag/TagString.cxx b/src/tag/TagString.cxx
index 3e8d8c1b0..9ab095249 100644
--- a/src/tag/TagString.cxx
+++ b/src/tag/TagString.cxx
@@ -33,7 +33,7 @@ patch_utf8(const char *src, size_t length, const gchar *end)
 {
 	/* duplicate the string, and replace invalid bytes in that
 	   buffer */
-	char *dest = g_strdup(src);
+	char *dest = g_strndup(src, length);
 
 	do {
 		dest[end - src] = '?';
author	Max Kellermann <max@duempel.org>	2014-10-10 22:06:48 +0200
committer	Max Kellermann <max@duempel.org>	2014-11-02 11:48:13 +0100
commit	c37f7abb79b6c9f30a77ea605b18674acc5ffff2 (patch)
tree	12f1d051089d0c1238c86c61886cd3d2f3fa9fee /src/tag
parent	432ce9b1de0f89e0f714d182980d5a562024faa5 (diff)