From 4f619c202c67dd68b1c3a13d40ad50fa2a6e582d Mon Sep 17 00:00:00 2001 From: Vadim Yanitskiy Date: Fri, 12 Apr 2019 21:48:07 +0700 Subject: Fix incorrect buffer size calculation Calling sizeof() on a pointer to dynamically allocated memory would result in getting size of the pointer (usually 4 or 8 bytes) itself, but not the size of allocated memory. Change-Id: I8ffda4dea2b7f9b4b76dfeecad1fab6384c5a62c Fixes: CID#197629, CID#197628, CID#197627 Fixes: CID#197626, CID#197625, CID#197624 --- src/msgb.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'src/msgb.c') diff --git a/src/msgb.c b/src/msgb.c index 5a154e56..940135f6 100644 --- a/src/msgb.c +++ b/src/msgb.c @@ -522,10 +522,11 @@ const char *msgb_hexdump(const struct msgb *msg) */ char *msgb_hexdump_c(const void *ctx, const struct msgb *msg) { - char *buf = talloc_size(ctx, msgb_length(msg)*3 + 100); + size_t buf_len = msgb_length(msg) * 3 + 100; + char *buf = talloc_size(ctx, buf_len); if (!buf) return NULL; - return msgb_hexdump_buf(buf, sizeof(buf), msg); + return msgb_hexdump_buf(buf, buf_len, msg); } /*! Print a string to the end of message buffer. -- cgit v1.2.3