commit - c6f826b4b8c649846845e38cd59168057e516ddc
commit + 9ef4ac1620c773e31257fdb1fe0672af1550b569
blob - 61e58f737c3748fff76c8b967a29c0ae43c1557f
blob + dce23091a93105abdf80728f6058069c6b81c763
--- lib/object_parse.c
+++ lib/object_parse.c
if (p == NULL)
return got_error(GOT_ERR_BAD_OBJ_HDR);
- hdrlen = strlen(buf) + 1 /* '\0' */;
+ hdrlen = strnlen(buf, len) + 1 /* '\0' */;
+ if (hdrlen > len)
+ return got_error(GOT_ERR_BAD_OBJ_HDR);
for (i = 0; i < nitems(obj_labels); i++) {
const char *label = obj_labels[i];
if (*te == NULL)
return got_error_from_errno();
- *elen = strlen(buf) + 1;
+ *elen = strnlen(buf, maxlen) + 1;
if (*elen > maxlen) {
free(*te);
*te = NULL;