diff options
Diffstat (limited to 'libcutils/strdup8to16.c')
| -rw-r--r-- | libcutils/strdup8to16.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/libcutils/strdup8to16.c b/libcutils/strdup8to16.c index 8654b04..63e5ca4 100644 --- a/libcutils/strdup8to16.c +++ b/libcutils/strdup8to16.c @@ -18,6 +18,7 @@ #include <cutils/jstring.h> #include <assert.h> #include <stdlib.h> +#include <limits.h> /* See http://www.unicode.org/reports/tr22/ for discussion * on invalid sequences @@ -48,6 +49,10 @@ extern char16_t * strdup8to16 (const char* s, size_t *out_len) len = strlen8to16(s); + // fail on overflow + if (len && SIZE_MAX/len < sizeof(char16_t)) + return NULL; + // no plus-one here. UTF-16 strings are not null terminated ret = (char16_t *) malloc (sizeof(char16_t) * len); |