From 5b40c964de29ca2ed24ed6a9519314a98cd761a0 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Thu, 13 Mar 2003 17:00:31 +0000
Subject: [PATCH] Oflow test of nmemb > SIZE_MAX / size is fine (don't need
 >=). Use memcpy() instead of strcpy() in estrdup() so this is strcpy()-free.

---
 alloc.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/alloc.c b/alloc.c
index dbd973d38..0dd1ddab8 100644
--- a/alloc.c
+++ b/alloc.c
@@ -115,7 +115,7 @@ emalloc2(nmemb, size)
 	    Argv[0]);
 	exit(1);
     }
-    if (nmemb >= SIZE_MAX / size) {
+    if (nmemb > SIZE_MAX / size) {
 	(void) fprintf(stderr, "%s: internal error, emalloc2() overflow\n",
 	    Argv[0]);
 	exit(1);
@@ -170,7 +170,7 @@ erealloc3(ptr, nmemb, size)
 	    Argv[0]);
 	exit(1);
     }
-    if (nmemb >= SIZE_MAX / size) {
+    if (nmemb > SIZE_MAX / size) {
 	(void) fprintf(stderr, "%s: internal error, erealloc3() overflow\n",
 	    Argv[0]);
 	exit(1);
@@ -193,10 +193,12 @@ estrdup(src)
     const char *src;
 {
     char *dst = NULL;
+    size_t size;
 
     if (src != NULL) {
-	dst = (char *) emalloc(strlen(src) + 1);
-	(void) strcpy(dst, src);
+	size = strlen(src) + 1;
+	dst = (char *) emalloc(size);
+	(void) memcpy(dst, src, size);
     }
     return(dst);
 }
-- 
2.50.1