newlib.patches/newlib-54.patch - nest-connect/1.0/newlib - Git at Google

 diff -aruN newlib-1.20.0/newlib/libc/locale/lctype.c newlibDup/newlib/libc/locale/lctype.c
 --- newlib-1.20.0/newlib/libc/locale/lctype.c	2010-05-03 02:25:32.000000000 -0700
 +++ newlibDup/newlib/libc/locale/lctype.c	2017-08-17 09:33:23.812683710 -0700
 @@ -82,7 +82,9 @@
  	  _ctype_using_locale = 0;
  	else
  	  {
 -	    _ctype_locale.codeset = strcpy (_ctype_locale_buf, charset);
 + 	    // Strncpy'ed to prevent memory overruns, limited to (_CTYPE_BUF_SIZE - 1) to prevent
 + 	    // overwriting of the last null char in _ctype_locale_buf that is needed for a string
 + 	    _ctype_locale.codeset = strncpy (_ctype_locale_buf, charset, (_CTYPE_BUF_SIZE - 1));
  	    char *mbc = _ctype_locale_buf + _CTYPE_BUF_SIZE - 2;
  	    mbc[0] = mb_cur_max;
  	    mbc[1] = '\0';
	diff -aruN newlib-1.20.0/newlib/libc/locale/lctype.c newlibDup/newlib/libc/locale/lctype.c
	--- newlib-1.20.0/newlib/libc/locale/lctype.c 2010-05-03 02:25:32.000000000 -0700
	+++ newlibDup/newlib/libc/locale/lctype.c 2017-08-17 09:33:23.812683710 -0700
	@@ -82,7 +82,9 @@
	_ctype_using_locale = 0;
	else
	{
	- _ctype_locale.codeset = strcpy (_ctype_locale_buf, charset);
	+ // Strncpy'ed to prevent memory overruns, limited to (_CTYPE_BUF_SIZE - 1) to prevent
	+ // overwriting of the last null char in _ctype_locale_buf that is needed for a string
	+ _ctype_locale.codeset = strncpy (_ctype_locale_buf, charset, (_CTYPE_BUF_SIZE - 1));
	char *mbc = _ctype_locale_buf + _CTYPE_BUF_SIZE - 2;
	mbc[0] = mb_cur_max;
	mbc[1] = '\0';