From: schwarze <schwarze@openbsd.org>
Date: Wed, 7 Feb 2018 20:04:33 +0000 (+0000)
Subject: Fix the mandoc_strndup() utility function.  All existing callers seem
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=2dfc6a663df73e38907826fd8aac3aad7d581ad4;p=openbsd

Fix the mandoc_strndup() utility function.  All existing callers seem
safe so far, but implementing it with an unchecked memcpy(3) is just
wrong and quite dangerous.
---

diff --git a/usr.bin/mandoc/mandoc_aux.c b/usr.bin/mandoc/mandoc_aux.c
index 6fa396a7909..7c23ecfdd01 100644
--- a/usr.bin/mandoc/mandoc_aux.c
+++ b/usr.bin/mandoc/mandoc_aux.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: mandoc_aux.c,v 1.8 2017/06/12 18:55:42 schwarze Exp $ */
+/*	$OpenBSD: mandoc_aux.c,v 1.9 2018/02/07 20:04:33 schwarze Exp $ */
 /*
  * Copyright (c) 2009, 2011 Kristaps Dzonsons <kristaps@bsd.lv>
  * Copyright (c) 2014, 2015, 2017 Ingo Schwarze <schwarze@openbsd.org>
@@ -106,8 +106,8 @@ mandoc_strndup(const char *ptr, size_t sz)
 {
 	char	*p;
 
-	p = mandoc_malloc(sz + 1);
-	memcpy(p, ptr, sz);
-	p[(int)sz] = '\0';
+	p = strndup(ptr, sz);
+	if (p == NULL)
+		err((int)MANDOCLEVEL_SYSERR, NULL);
 	return p;
 }