From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Sat, 27 Mar 2021 06:14:56 +0000 (+0100)
Subject: string_utils: always memset buf in lxc_safe_int64_residual()
X-Git-Tag: lxc-5.0.0~237^2~9
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c45833e39c85c5e16270aa4122b1929dd086127a;p=thirdparty%2Flxc.git

string_utils: always memset buf in lxc_safe_int64_residual()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32482
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---

diff --git a/src/lxc/string_utils.c b/src/lxc/string_utils.c
index 793fd2ca1..1d408b977 100644
--- a/src/lxc/string_utils.c
+++ b/src/lxc/string_utils.c
@@ -677,6 +677,8 @@ int lxc_safe_int64_residual(const char *numstr, int64_t *converted, int base, ch
 	if (!residual && residual_len != 0)
 		return ret_errno(EINVAL);
 
+	memset(residual, 0, residual_len);
+
 	while (isspace(*numstr))
 		numstr++;
 
@@ -691,10 +693,8 @@ int lxc_safe_int64_residual(const char *numstr, int64_t *converted, int base, ch
 	if (residual) {
 		size_t len = 0;
 
-		if (*remaining == '\0') {
-			memset(residual, 0, residual_len);
+		if (*remaining == '\0')
 			goto out;
-		}
 
 		len = strlen(remaining);
 		if (len >= residual_len)