From 4ceb430a468e8226175aa3f169c0e746877c17e1 Mon Sep 17 00:00:00 2001
From: Ben Laurie <ben@links.org>
Date: Tue, 20 May 2014 13:52:31 +0100
Subject: [PATCH] Don't allocate more than is needed in BUF_strndup().

---
 crypto/buffer/buf_str.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/crypto/buffer/buf_str.c b/crypto/buffer/buf_str.c
index 151f5ea971..84236c7671 100644
--- a/crypto/buffer/buf_str.c
+++ b/crypto/buffer/buf_str.c
@@ -69,9 +69,14 @@ char *BUF_strdup(const char *str)
 char *BUF_strndup(const char *str, size_t siz)
 	{
 	char *ret;
+	size_t len;
 
 	if (str == NULL) return(NULL);
 
+	len = strlen(str);
+	if (siz > len)
+	    siz = len;
+
 	ret=OPENSSL_malloc(siz+1);
 	if (ret == NULL) 
 		{
-- 
2.25.1