From f1471d32166e0881dccc1d551b59238a07351668 Mon Sep 17 00:00:00 2001
From: Szabolcs Nagy <nsz@port70.net>
Date: Thu, 23 Jan 2014 03:24:54 +0100
Subject: fix an overflow in wcsxfrm when n==0

posix allows zero length destination
---
 src/locale/wcsxfrm.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'src/locale')

diff --git a/src/locale/wcsxfrm.c b/src/locale/wcsxfrm.c
index cb79c97e..5d89e7dd 100644
--- a/src/locale/wcsxfrm.c
+++ b/src/locale/wcsxfrm.c
@@ -6,10 +6,12 @@
 size_t __wcsxfrm_l(wchar_t *restrict dest, const wchar_t *restrict src, size_t n, locale_t loc)
 {
 	size_t l = wcslen(src);
-	if (l >= n) {
+	if (l < n) {
+		wmemcpy(dest, src, l+1);
+	} else if (n) {
 		wmemcpy(dest, src, n-1);
 		dest[n-1] = 0;
-	} else wcscpy(dest, src);
+	}
 	return l;
 }
 
-- 
cgit v1.2.1