Date:	Tue, 22 Jun 2010 07:58:51 +0100
From:	"Jan Beulich" <JBeulich@novell.com>
To:	<linux-numa@vger.kernel.org>
Cc:	"Thomas Renninger" <trenn.EMEA5-1.EMEA5@suse.de>
Subject: [PATCH] libnuma: fix memory corruption

Applying strlen() to the result of strncpy() isn't valid...

[ This obviates a never-applied patch from Neil Horman on 10 Aug 2009
  [PATCH] libnuma: fix obo error in set_thread_constraints     ]

Signed-off-by: Jan Beulich <jbeulich@novell.com>
Cc: Thomas Renninger <trenn@suse.de>

---
 libnuma.c |   11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

Index: numactl-test/libnuma.c
===================================================================
--- numactl-test.orig/libnuma.c
+++ numactl-test/libnuma.c
@@ -461,10 +461,13 @@ set_task_constraints(void)
 				read_mask(mask, numa_all_nodes_ptr);
 		}
 		if (strncmp(buffer,"Mems_allowed_list:",18) == 0) {
-			nodes_allowed_list = malloc(strlen(buffer)-18);
-			strncpy(nodes_allowed_list, buffer + 19,
-				strlen(buffer) - 19);
-			nodes_allowed_list[strlen(nodes_allowed_list)-1] = '\0';
+			size_t len = strlen(mask);
+
+			nodes_allowed_list = malloc(len);
+			if (nodes_allowed_list) {
+				memcpy(nodes_allowed_list, mask, len-1);
+				nodes_allowed_list[len-1] = '\0';
+			}
 		}
 	}
 	fclose(f);
