xfs_scrub: fix buffer overflow in string_escape

Commit Message

Darrick J. Wong Feb. 20, 2025, 10:07 p.m. UTC

From: Darrick J. Wong <djwong@kernel.org>

Need to allocate one more byte for the null terminator, just in case the
/entire/ input string consists of non-printable bytes e.g. emoji.

Cc: <linux-xfs@vger.kernel.org> # v4.15.0
Fixes: 396cd0223598bb ("xfs_scrub: warn about suspicious characters in directory/xattr names")
Signed-off-by: "Darrick J. Wong" <djwong@kernel.org>
---
 scrub/common.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Patch

diff --git a/scrub/common.c b/scrub/common.c
index 6eb3c026dc5ac9..7ea0277bc511ce 100644
--- a/scrub/common.c
+++ b/scrub/common.c
@@ -320,7 +320,7 @@  string_escape(
 	char			*q;
 	int			x;
 
-	str = malloc(strlen(in) * 4);
+	str = malloc((strlen(in) * 4) + 1);
 	if (!str)
 		return NULL;
 	for (p = in, q = str; *p != '\0'; p++) {