[flac-dev] [PATCH] metaflac : Fix local_strcat() to terminate string correctly.

Mon Jun 3 04:09:05 PDT 2013

The NUL char is written at incorrect place when the destination string
is longer than 0, which causes memory corruption. It was broken by
commit 2d6354ff2a618a79d40edbd4f208b4b07c5422f1.
---
 src/metaflac/utils.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/metaflac/utils.c b/src/metaflac/utils.c
index 097537b..8a31daa 100644
--- a/src/metaflac/utils.c
+++ b/src/metaflac/utils.c
@@ -75,7 +75,7 @@ void local_strcat(char **dest, const char *source)
 	*dest = safe_realloc_add_3op_(*dest, ndest, /*+*/nsource, /*+*/1);
 	if(0 == *dest)
 		die("out of memory growing string");
-	safe_strncpy((*dest)+ndest, source, ndest + nsource + 1);
+	safe_strncpy((*dest)+ndest, source, nsource + 1);
 }
 
 static inline int local_isprint(int c)
-- 
1.8.1.4

