From dcdd2f1fb065b6e98d87ab7b367e8fb483f9b59c Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Mon, 21 Oct 2024 15:04:50 +0200
Subject: Neuter an issue in strncat

`strlen(src)` isn't guaranteed to be valid.
---
 include/string.h | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'include')

diff --git a/include/string.h b/include/string.h
index 89bf25e..2e2b29c 100644
--- a/include/string.h
+++ b/include/string.h
@@ -287,6 +287,7 @@ _FORTIFY_FN(strncat) char *strncat(char * _FORTIFY_POS0 __d, const char *__s,
 #if __has_builtin(__builtin___strncat_chk) && FORTIFY_USE_NATIVE_CHK
 	return __builtin___strncat_chk(__d, __s, __n, __fh_bos(__d, 0));
 #else
+#if 0 // strlen(__s) isn't guaranteed to be valid.
 	__fh_size_t __b = __fh_bos(__d, 0);
 
 	if (__n > __b) {
@@ -297,6 +298,7 @@ _FORTIFY_FN(strncat) char *strncat(char * _FORTIFY_POS0 __d, const char *__s,
 		if (__sl + __dl + 1 > __b)
 			__builtin_trap();
 	}
+#endif
 	return __orig_strncat(__d, __s, __n);
 #endif
 }
-- 
cgit v1.3