Hi,
In lib/string.h line 38,
    static inline char * xstrdup(const char *c)
    {
        size_t l = strlen(c) + 1;
        // xmalloc may fail, and z will be NULL.
        char *z = xmalloc(l);
        // write to a NULL pointer, crash.
        memcpy(z, c, l);
        return z;
    }
I think this is a vulnerability, and maybe we can fix it as follows:
    static inline char * xstrdup(const char *c)
    {
        size_t l = strlen(c) + 1;
        char *z = xmalloc(l);
        if (z)
        {
            memcpy(z, c, l);
            return z;
        }
        else
            return NULL; /* the function returns char *, so signal failure with NULL, not -1 */
    }
Thanks for any consideration!
Peiyu Liu,
NESA lab,
Zhejiang University
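An added, runnable illustration of the checked variant (example code written for this page, not code from the patch or the project): the xmalloc here is a hypothetical stand-in that can be forced to fail so the NULL path is actually exercised, and the caller treats a NULL result as an error instead of dereferencing it.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the project's xmalloc (assumption: it returns
 * NULL on failure). A flag lets a caller force one failed allocation. */
static int fail_next_alloc = 0;

static void *xmalloc(size_t n)
{
    if (fail_next_alloc) {
        fail_next_alloc = 0;
        return NULL;
    }
    return malloc(n);
}

/* Hardened xstrdup: propagate allocation failure as NULL instead of
 * handing a NULL destination to memcpy. */
static char *xstrdup_checked(const char *c)
{
    size_t l = strlen(c) + 1;
    char *z = xmalloc(l);
    if (z == NULL)
        return NULL;
    memcpy(z, c, l);
    return z;
}

/* Caller that handles the NULL result: returns the length of the copy,
 * or -1 when the allocation failed (rather than crashing). */
static long dup_length(const char *s, int simulate_failure)
{
    fail_next_alloc = simulate_failure;
    char *copy = xstrdup_checked(s);
    if (copy == NULL)
        return -1;
    long n = (long)strlen(copy);
    free(copy);
    return n;
}

int main(void)
{
    /* Constructed inputs: a normal copy and a forced allocation failure. */
    return (dup_length("hello", 0) == 5 && dup_length("hello", 1) == -1) ? 0 : 1;
}
```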