From a1e635f3be111eab6c325f17940fea882915109e Mon Sep 17 00:00:00 2001
From: Rodrigo De Castro
Date: Thu, 31 Oct 2013 11:25:32 -0700
Subject: [PATCH] Buffer overflow fix as NULL terminator wasn't copied in PCRE invocation. Adding "+ 1" to allocation includes NULL terminator to avoid buffer overflow as PCRE library runs strlen on the string and requires the string to be properly terminated by NULL.
---
 grokre.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/grokre.c b/grokre.c
index 6979213..afce6c7 100644
--- a/grokre.c
+++ b/grokre.c
@@ -173,8 +173,8 @@ static char *grok_pattern_expand(grok_t *grok) {
 capture_vector = calloc(3 * g_pattern_num_captures, sizeof(int));
 full_len = grok->pattern_len;
 full_size = full_len;
- full_pattern = calloc(1, full_size);
- memcpy(full_pattern, grok->pattern, full_len);
+ full_pattern = calloc(1, full_size + 1);
+ memcpy(full_pattern, grok->pattern, full_len + 1);
 grok_log(grok, LOG_REGEXPAND, "% 20s: %.*s", "start of expand", full_len, full_pattern);
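Review bot: The new `memcpy(full_pattern, grok->pattern, full_len + 1)` reads one byte past `pattern_len` from the source, which is only safe if `grok->pattern` is always NUL-terminated with at least `pattern_len + 1` bytes behind it; nothing in this hunk shows that. Because `calloc(1, full_size + 1)` already zeroes the buffer, copying `full_len` bytes is enough and removes that assumption: `memcpy(full_pattern, grok->pattern, full_len);`. `full_size` is still set to `full_len` although the allocation is now one byte larger, so any later resize of `full_pattern` driven by `full_size` (the function continues outside the hunk) would need the same `+ 1`, or the terminator can be lost again. Neither `calloc` result is checked, so a failed allocation reaches `memcpy` as a NULL destination; a NULL check before the copy would close that.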