Colin D Bennett wrote:
It looks like grub_strdup() does not terminate the returned string with
a 0 byte. The only way I could see it working is if grub_malloc()
filled the returned memory with zeroes. Does it?
From kern/misc.c: (circa line 476)
char *
grub_strdup (const char *s)
{
  grub_size_t len;
  char *p;

  len = grub_strlen (s) + 1;
  p = (char *) grub_malloc (len);
  if (! p)
    return 0;

  return grub_memcpy (p, s, len);
}
The zero is copied from the source string... notice strlen() + 1.
But right after that, we have
char *
grub_strndup (const char *s, grub_size_t n)
{
  grub_size_t len;
  char *p;

  len = grub_strlen (s);
  if (len > n)
    len = n;
  p = (char *) grub_malloc (len + 1);
  if (! p)
    return 0;

  grub_memcpy (p, s, len);
  p[len] = '\0';
  return p;
}
which explicitly stores a terminating null byte. If grub_malloc() did
initialize the memory to zero, then this explicit store would be
unnecessary.
Here, if the string is not fully copied, there needs to be a NUL terminator.
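Added example (not part of the original thread and not GRUB's own code): the two routines discussed above, re-created with standard libc calls on top of an allocator that deliberately fills every block with 0xAA, so a terminator can only come from the copy itself or from the explicit store. The names poison_malloc, dup_full, dup_n and last_byte are hypothetical, and a non-zeroing allocator is the assumption being modelled.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for grub_malloc(): poisons the block with 0xAA so
   nothing below can rely on the allocator returning zeroed memory. */
static void *poison_malloc(size_t n)
{
    void *p = malloc(n);
    return p ? memset(p, 0xAA, n) : NULL;
}

/* grub_strdup() logic: the +1 makes memcpy copy the source's own NUL. */
static char *dup_full(const char *s)
{
    size_t len = strlen(s) + 1;
    char *p = poison_malloc(len);
    return p ? memcpy(p, s, len) : NULL;
}

/* grub_strndup() logic; terminate=0 drops the explicit store on purpose
   to show what a truncated copy would look like without it. */
static char *dup_n(const char *s, size_t n, int terminate)
{
    size_t len = strlen(s) < n ? strlen(s) : n;
    char *p = poison_malloc(len + 1);
    if (!p)
        return NULL;
    memcpy(p, s, len);          /* copies at most n bytes, no NUL when truncated */
    if (terminate)
        p[len] = '\0';
    return p;
}

/* Byte found where the terminator belongs: 0x00 if terminated, 0xAA if
   not, -1 on allocation failure. Frees the buffer it is given. */
int last_byte(char *p, size_t idx)
{
    int b = p ? (unsigned char)p[idx] : -1;
    free(p);
    return b;
}

int main(void)
{
    printf("strdup:            %02x\n", last_byte(dup_full("grub"), 4));
    printf("strndup:           %02x\n", last_byte(dup_n("grub", 2, 1), 2));
    printf("strndup, no store: %02x\n", last_byte(dup_n("grub", 2, 0), 2));
    return 0;
}
```

The third case leaves the poison byte where the terminator should be, which is the unterminated buffer the explicit store in grub_strndup() prevents.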