From cf164d9e975e2aa677b041c012cf843bd44e370a Mon Sep 17 00:00:00 2001
From: Vladislav Egorov <vegorov180@gmail.com>
Date: Sun, 21 May 2017 22:49:19 +0200
Subject: [PATCH] ralloc: Use strnlen() inside of strncat()

If the str is long or isn't null-terminated, strlen() could take a lot
of time or even crash. I don't know why was it used in the first place,
maybe for platforms without strnlen(), but strnlen() is already used
inside of ralloc_strndup(), so this change should not additionally
break anything.

Reviewed-by: Ian Romanick <ian.d.romanick@intel.com>
Reviewed-by: Timothy Arceri <tarceri@itsqueeze.com>
---
 src/util/ralloc.c | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/src/util/ralloc.c b/src/util/ralloc.c
index 7bf192e0db7..953f36e6bcd 100644
--- a/src/util/ralloc.c
+++ b/src/util/ralloc.c
@@ -405,12 +405,7 @@ ralloc_strcat(char **dest, const char *str)
 bool
 ralloc_strncat(char **dest, const char *str, size_t n)
 {
-   /* Clamp n to the string length */
-   size_t str_length = strlen(str);
-   if (str_length < n)
-      n = str_length;
-
-   return cat(dest, str, n);
+   return cat(dest, str, strnlen(str, n));
 }
 
 char *
-- 
2.30.2