1
0
mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2024-12-24 21:33:51 +03:00

dict: Compare strings with strncmp

Using memcmp can result in OOB reads.

Short-lived regression found by OSS-Fuzz.
This commit is contained in:
Nick Wellnhofer 2023-10-02 14:42:51 +02:00
parent eb69c1d39d
commit 71aae4e98b

3
dict.c
View File

@ -538,7 +538,8 @@ xmlDictFindEntry(const xmlDict *dict, const xmlChar *prefix,
/*
* name is not necessarily null-terminated.
*/
if ((memcmp(entry->name, name, len) == 0) &&
if ((strncmp((const char *) entry->name,
(const char *) name, len) == 0) &&
(entry->name[len] == 0)) {
found = 1;
break;