ref: a3a4fe840b80706c706e86160352af5936f292d8
parent: f8234d830e17fc5e8fe09eb76d86dad3f6233c59
author: Tor Andersson <tor.andersson@artifex.com>
date: Tue Sep 20 13:19:06 EDT 2016
Fix bug 697137: off by one in string length calculation. We were not allocating space for the terminating zero byte.
--- a/jsfunction.c
+++ b/jsfunction.c
@@ -61,7 +61,7 @@
n += strlen(F->name);
for (i = 0; i < F->numparams; ++i)
n += strlen(F->vartab[i]) + 1;
- s = js_malloc(J, n);
+ s = js_malloc(J, n + 1);
strcpy(s, "function ");
strcat(s, F->name);
strcat(s, "(");