add sanity check in tor_memmem

it's believed most libc already have those, but just in case, it can't hurt
author: trinity-1686a <trinity@deuxfleurs.fr> 2023-11-15 02:01:34 +0100
committer: trinity-1686a <trinity@deuxfleurs.fr> 2023-11-15 02:01:34 +0100
commit: f2ddfdd50e52f9a6aa4afafccb5ad5e04f79e2cc (patch)
tree: 6740885162f09afa6c60985b67df1f612f1a082d /src/lib/string
parent: cec6f9919d3128646d85c75d08338bea4b31bffa (diff)
download: tor-f2ddfdd50e52f9a6aa4afafccb5ad5e04f79e2cc.tar.gz
tor-f2ddfdd50e52f9a6aa4afafccb5ad5e04f79e2cc.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/src/lib/string/util_string.c b/src/lib/string/util_string.c
index b1c0a11439..60b5933e4d 100644
--- a/src/lib/string/util_string.c
+++ b/src/lib/string/util_string.c
@@ -31,6 +31,8 @@ tor_memmem(const void *_haystack, size_t hlen,
 {
 #if defined(HAVE_MEMMEM) && (!defined(__GNUC__) || __GNUC__ >= 2)
   raw_assert(nlen);
+  if (nlen > hlen)
+    return NULL;
   return memmem(_haystack, hlen, _needle, nlen);
 #else
   /* This isn't as fast as the GLIBC implementation, but it doesn't need to
author	trinity-1686a <trinity@deuxfleurs.fr>	2023-11-15 02:01:34 +0100
committer	trinity-1686a <trinity@deuxfleurs.fr>	2023-11-15 02:01:34 +0100
commit	f2ddfdd50e52f9a6aa4afafccb5ad5e04f79e2cc (patch)
tree	6740885162f09afa6c60985b67df1f612f1a082d /src/lib/string
parent	cec6f9919d3128646d85c75d08338bea4b31bffa (diff)
download	tor-f2ddfdd50e52f9a6aa4afafccb5ad5e04f79e2cc.tar.gz tor-f2ddfdd50e52f9a6aa4afafccb5ad5e04f79e2cc.zip