From: Jens Axboe Date: Tue, 13 Nov 2012 12:55:38 +0000 (-0700) Subject: json: fix off-by-one in memory alloc X-Git-Tag: fio-2.0.11~11 X-Git-Url: https://git.kernel.dk/?p=fio.git;a=commitdiff_plain;h=a57251532f088ef372f317f89695678691e3e095 json: fix off-by-one in memory alloc Tighten it a bit too, checking for empty string. Signed-off-by: Jens Axboe
---
diff --git a/json.c b/json.c
index ea61af72..cdc3b218 100644
--- a/json.c
+++ b/json.c
@@ -63,18 +63,22 @@ static char *strdup_escape(const char *str)
 char *p, *ret;
 int escapes;
+ if (!strlen(str))
+ return NULL;
+ escapes = 0;
 while ((input = strpbrk(input, "\\\"")) != NULL) {
 escapes++;
 input++;
 }
- p = ret = malloc(strlen(str) + escapes);
+ p = ret = malloc(strlen(str) + escapes + 1);
 while (*str) {
 if (*str == '\\' || *str == '\"')
 *p++ = '\\';
 *p++ = *str++;
 }
+ *p = '\0';
 return ret;
 }
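Review bot: The pointer returned by `malloc(strlen(str) + escapes + 1)` is still written through by the copy loop and by the new `*p = '\0';` without a NULL check, so an allocation failure becomes a NULL-pointer write; add `if (!ret) return NULL;` directly after the allocation. The new early `return NULL;` for an empty string means that, with that check in place, NULL would stand for both "empty input" and "out of memory". The callers are not visible in this hunk, so it should be confirmed that each of them tolerates a NULL result before passing it to a formatter or `free()`-ing it. If an empty JSON string is a legitimate value, returning an allocated `""` would keep the contract simpler. A short comment above the function, such as `/* Returns a malloc'd, NUL-terminated copy of str with \ and " escaped, or NULL; caller frees. */`, would document this. The start of strdup_escape lies above the hunk.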