--- a/src/encode.c
+++ b/src/encode.c
@@ -194,10 +194,12 @@ int encode_init(void) {
char *pr_decode_str(pool *p, const char *in, size_t inlen, size_t *outlen) {
#ifdef HAVE_ICONV
- size_t inbuflen, outbuflen;
+ size_t inbuflen, outbuflen, outbufsz;
char *inbuf, outbuf[PR_TUNABLE_PATH_MAX*2], *res = NULL;
- if (!p || !in || !outlen) {
+ if (p == NULL ||
+ in == NULL ||
+ outlen == NULL) {
errno = EINVAL;
return NULL;
}
@@ -229,7 +231,11 @@ char *pr_decode_str(pool *p, const char *in, size_t inlen, size_t *outlen) {
return NULL;
*outlen = sizeof(outbuf) - outbuflen;
- res = pcalloc(p, *outlen);
+
+ /* We allocate one byte more, for a terminating NUL. */
+ outbufsz = sizeof(outbuf) - outbuflen + 1;
+ res = pcalloc(p, outbufsz);
+
memcpy(res, outbuf, *outlen);
return res;
@@ -242,10 +248,12 @@ char *pr_decode_str(pool *p, const char *in, size_t inlen, size_t *outlen) {
char *pr_encode_str(pool *p, const char *in, size_t inlen, size_t *outlen) {
#ifdef HAVE_ICONV
- size_t inbuflen, outbuflen;
+ size_t inbuflen, outbuflen, outbufsz;
char *inbuf, outbuf[PR_TUNABLE_PATH_MAX*2], *res;
- if (!p || !in || !outlen) {
+ if (p == NULL ||
+ in == NULL ||
+ outlen == NULL) {
errno = EINVAL;
return NULL;
}
@@ -277,7 +285,11 @@ char *pr_encode_str(pool *p, const char *in, size_t inlen, size_t *outlen) {
return NULL;
*outlen = sizeof(outbuf) - outbuflen;
- res = pcalloc(p, *outlen);
+
+ /* We allocate one byte more, for a terminating NUL. */
+ outbufsz = sizeof(outbuf) - outbuflen + 1;
+
+ res = pcalloc(p, outbufsz);
memcpy(res, outbuf, *outlen);
return res;
diff --git a/src/fsio.c b/src/fsio.c
index 40ef466..8bf5069 100644
--- a/src/fsio.c
+++ b/src/fsio.c
@@ -2058,7 +2058,7 @@ char *pr_fs_decode_path(pool *p, const char *path) {
return (char *) path;
}
- res = pr_decode_str(p, path, strlen(path) + 1, &outlen);
+ res = pr_decode_str(p, path, strlen(path), &outlen);
if (!res) {
pr_trace_msg("encode", 1, "error decoding path '%s': %s", path,
strerror(errno));
@@ -2081,7 +2081,7 @@ char *pr_fs_encode_path(pool *p, const char *path) {
return (char *) path;
}
- res = pr_encode_str(p, path, strlen(path) + 1, &outlen);
+ res = pr_encode_str(p, path, strlen(path), &outlen);
if (!res) {
pr_trace_msg("encode", 1, "error encoding path '%s': %s", path,
strerror(errno));