mirror of
https://github.com/github/codeql.git
synced 2025-12-25 05:06:34 +01:00
11 lines
366 B
C++
11 lines
366 B
C++
void f(char* string) {
|
|
// wrong: allocates space for characters, but not zero terminator
|
|
char* buf = malloc(strlen(string));
|
|
strcpy(buf, string);
|
|
|
|
char* buf_right = malloc(strlen(string) + 1); //correct: includes the zero terminator
|
|
strcpy(buf_right, string);
|
|
// buf_right is now full
|
|
strcat(buf_right, string); //wrong: appending would overflow the buffer
|
|
}
|