From: Ben Pfaff Date: Sat, 10 Apr 2010 04:45:50 +0000 (-0700) Subject: dictionary: Fix potential access beyond allocated memory. X-Git-Tag: v0.7.5~85 X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=33e610616a2b48f9a7eb56c4ebb0325b66df0376;p=pspp-builds.git dictionary: Fix potential access beyond allocated memory. This code replaces the dictionary's "var" array by another one, so it must either update "var_cap" to the allocated size or allocate "var_cap" (not "var_cnt") elements. I chose the latter fix. --- diff --git a/src/data/dictionary.c b/src/data/dictionary.c index 43df1eb0..f69d91e3 100644 --- a/src/data/dictionary.c +++ b/src/data/dictionary.c @@ -683,7 +683,7 @@ dict_reorder_vars (struct dictionary *d, assert (count == 0 || order != NULL); assert (count <= d->var_cnt); - new_var = xnmalloc (d->var_cnt, sizeof *new_var); + new_var = xnmalloc (d->var_cap, sizeof *new_var); memcpy (new_var, order, count * sizeof *new_var); for (i = 0; i < count; i++) {