Zsh Mailing List Archive

Re: PATCH: utils.c: Fix use of uninitialized memory in metafy().

On Wed, 27 Nov 2013 18:45:16 +0100
Simon Ruderich <simon@xxxxxxxxxxxx> wrote:
> While running the tests with valgrind I noticed a use of
> uninitialized memory in metafy().
>
> The following patch should fix it, but I don't know the details
> of this code, so please check it before applying the patch.
> 
> The problem is the *e != '\0' in the next if, once e == buf +
> len, *e points after buf.

Hmm... I think the intention probably *is* to check if there's null
termination at "buf + len", on the assumption that the first "len" bytes
need metafying regardless.  So if we've got only len valid bytes, not
null-terminated (or null-terminated by accident because the next byte
that isn't actually valid for the allocation happens to be null), we've
got no way of knowing this given the current interface.  That's not
actually stated explicitly but the comment above does mention len+1
for copying, implying len doesn't include the termination.

It looks like either we've got to improve the interface, which is a lot
of work, or always copy when we're given a length, which is inefficient.
I'd be tempted to do the latter for now.

pws
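The hazard discussed in this thread, as an added C illustration that is not zsh's own code: when a metafy-style routine is handed an explicit length, the caller has only vouched for `len` bytes, so `buf[len]` is outside the contract and reading it to look for a terminator is exactly the out-of-bounds read valgrind reports. The "always copy when we're given a length" option avoids the read entirely by building a fresh `len + 1` buffer and writing the terminator itself. The function names (`count_meta`, `metafy_copy`, `metafy_cstr`, `demo_tight_buffer`), the marker byte `0x83` and the xor-`0x20` escaping rule are assumptions made for this example, not the real zsh interface.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed escaping convention for the example: bytes >= 0x80 (and the
 * marker itself) are emitted as META_MARK followed by the byte xor META_XOR.
 * These values are assumptions, not zsh's definitions. */
#define META_MARK 0x83
#define META_XOR  0x20

static int needs_meta(unsigned char c)
{
    return c >= 0x80 || c == META_MARK;
}

/* Count the bytes in buf[0..len) that must be escaped.
 * Only the len bytes the caller vouched for are read; buf[len] is never
 * touched, which is the whole point of the thread. */
size_t count_meta(const unsigned char *buf, size_t len)
{
    size_t n = 0;
    for (size_t i = 0; i < len; i++)
        if (needs_meta(buf[i]))
            n++;
    return n;
}

/* "Always copy when given a length": build a new, NUL-terminated result from
 * exactly len input bytes. Returns a malloc'd buffer (caller frees) and stores
 * the escaped length in *out_len. Because the terminator is written by us,
 * an input that is exactly len bytes long with no NUL after it is safe. */
unsigned char *metafy_copy(const unsigned char *buf, size_t len, size_t *out_len)
{
    size_t extra = count_meta(buf, len);
    unsigned char *out = malloc(len + extra + 1);
    if (!out)
        return NULL;
    size_t o = 0;
    for (size_t i = 0; i < len; i++) {
        if (needs_meta(buf[i])) {
            out[o++] = META_MARK;
            out[o++] = buf[i] ^ META_XOR;
        } else {
            out[o++] = buf[i];
        }
    }
    out[o] = '\0';
    if (out_len)
        *out_len = o;
    return out;
}

/* Companion for the NUL-terminated case (the "no length given" path): here
 * the caller's contract does include the terminator, so strlen() stays in
 * bounds and the length can be derived instead of trusted. */
unsigned char *metafy_cstr(const char *s, size_t *out_len)
{
    return metafy_copy((const unsigned char *)s, strlen(s), out_len);
}

/* Demo of the situation valgrind flagged: the input is allocated to exactly
 * len bytes with nothing after it. Returns 1 when the escaped output is as
 * expected. Running this under valgrind or ASan shows no invalid read. */
int demo_tight_buffer(void)
{
    const unsigned char src[3] = { 'a', 0x80, 'b' };  /* constructed input */
    unsigned char *tight = malloc(3);                 /* no room for a NUL */
    if (!tight)
        return 0;
    memcpy(tight, src, 3);

    size_t n = 0;
    unsigned char *m = metafy_copy(tight, 3, &n);
    int ok = (m != NULL && n == 4
              && m[0] == 'a'
              && m[1] == META_MARK
              && m[2] == (0x80 ^ META_XOR)
              && m[3] == 'b'
              && m[4] == '\0');
    free(m);
    free(tight);
    return ok;
}

int main(void)
{
    return demo_tight_buffer() ? 0 : 1;
}
```

The cost pws mentions is visible in `metafy_copy`: every call with an explicit length allocates and copies even when no byte needs escaping, whereas a routine that could trust `buf[len] == '\0'` might return the input unchanged. That trade-off is what the thread is weighing.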