From be34aeee0e393ac774826f5199b754b38da71834 Mon Sep 17 00:00:00 2001 From: Wolfgang Sourdeau Date: Mon, 9 Jan 2012 16:36:51 +0000 Subject: [PATCH] Monotone-Parent: 6e892bd0470a59c4edc792bd0d24b13e56e6a5e0 Monotone-Revision: f5ba6db440f5a8ba817af65dea12b4a616fdfe71 Monotone-Author: wsourdeau@inverse.ca Monotone-Date: 2012-01-09T16:36:51 --- SOPE/NGCards/ChangeLog | 5 +++++ SOPE/NGCards/NSString+NGCards.m | 4 ++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/SOPE/NGCards/ChangeLog b/SOPE/NGCards/ChangeLog index b78570076..84f2daac1 100644 --- a/SOPE/NGCards/ChangeLog +++ b/SOPE/NGCards/ChangeLog @@ -1,3 +1,8 @@ +2012-01-09 Wolfgang Sourdeau + + * NSString+NGCards.m (-vCardSubvalues): fixed allocation of + parsing buffer to avoid a buffer overflow. + 2011-11-21 Francis Lachapelle * iCalTimeZone.m (+knownTimeZoneNames): ignore files that don't diff --git a/SOPE/NGCards/NSString+NGCards.m b/SOPE/NGCards/NSString+NGCards.m index e46b2e29d..1c1e1fe66 100644 --- a/SOPE/NGCards/NSString+NGCards.m +++ b/SOPE/NGCards/NSString+NGCards.m @@ -325,7 +325,7 @@ ELEM;...:subvalue1;subvalue1,subvalue2 (where KEY = @"") */ NSMutableDictionary *values; /* key <> ordered values associations */ NSMutableArray *orderedValues = nil; /* those are separated by ';' and contain - subvalues, may or may not be named */ + subvalues, may or may not be named */ NSMutableArray *subValues = nil; /* those are separeted by ',' */ unichar *stringBuffer, *substringBuffer; NSString *valuesKey, *substring; @@ -337,7 +337,7 @@ valuesKey = @""; max = [self length]; - stringBuffer = NSZoneMalloc (NULL, sizeof (unichar) * max + 1); + stringBuffer = NSZoneMalloc (NULL, sizeof (unichar) * (max + 1)); [self getCharacters: stringBuffer]; stringBuffer[max] = 0;