On Fri, 12 Feb 2016 14:47:39 +0100
Nicolas Cavallari wrote:
> netns_map_add() does a malloc of (sizeof (struct nsid_cache) +
> strlen(name)) and then proceed with strcpy() of name into the
> zero-length member at the end of the nsid_cache structure. The
> nul-terminator is written outside of the
netns_map_add() does a malloc of (sizeof (struct nsid_cache) +
strlen(name)) and then proceed with strcpy() of name into the
zero-length member at the end of the nsid_cache structure. The
nul-terminator is written outside of the allocated memory and may
overwrite the allocator's internal structure
