From 2cec9ccde78005eb18fae975eeb573db4e87bc44 Mon Sep 17 00:00:00 2001
From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Date: Sun, 26 Jul 2015 08:03:15 +0000
Subject: BaseTools/Common: fix heap overrun in ReadMemoryFileLine ()

ReadMemoryFileLine () appends a NULL character to the string
it returns, but it failed to account for it in the allocation.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Yingke Liu <yingke.d.liu@intel.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18047 6f19259b-4bc3-4df7-8a09-765794883524
---
 BaseTools/Source/C/Common/MemoryFile.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/BaseTools/Source/C/Common/MemoryFile.c b/BaseTools/Source/C/Common/MemoryFile.c
index 7b1aa111d1..00ea0c615b 100644
--- a/BaseTools/Source/C/Common/MemoryFile.c
+++ b/BaseTools/Source/C/Common/MemoryFile.c
@@ -194,7 +194,7 @@ Returns:
     CharsToCopy = EndOfLine - InputFile->CurrentFilePointer;
   }
 
-  OutputString = malloc (CharsToCopy);
+  OutputString = malloc (CharsToCopy + 1);
   if (OutputString == NULL) {
     return NULL;
   }
-- 
cgit v1.2.3