Fix memory overflow bugs
Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
diff --git a/init.c b/init.c
index f0aa5e3..93322fd 100644
--- a/init.c
+++ b/init.c
@@ -564,8 +564,12 @@
}
string = malloc(4096);
- name = malloc(256);
- memset(name, 0, 256);
+
+ /*
+ * it's really 256 + small bit, 280 should suffice
+ */
+ name = malloc(280);
+ memset(name, 0, 280);
stonewall = stonewall_flag;
do {
diff --git a/parse.c b/parse.c
index 9015b1d..f0e644f 100644
--- a/parse.c
+++ b/parse.c
@@ -159,8 +159,8 @@
if (s)
p = s;
- s = p + strlen(p) - 1;
- while (isspace(*s) || iscntrl(*s))
+ s = p + strlen(p);
+ while ((isspace(*s) || iscntrl(*s)) && (s > p))
s--;
*(s + 1) = '\0';