From 47bc68339ffe091e3ad7aaea95e6a7149261e9e6 Mon Sep 17 00:00:00 2001
From: "Hong, Yang A" <yang.a.hong@intel.com>
Date: Thu, 28 Apr 2022 10:11:32 +0000
Subject: [PATCH] bugfix: fix overflow risk of strlen function

---
 src/compiler/compiler.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/compiler/compiler.cpp b/src/compiler/compiler.cpp
index 6f993ffe..35f46b3f 100644
--- a/src/compiler/compiler.cpp
+++ b/src/compiler/compiler.cpp
@@ -323,7 +323,8 @@ void addExpression(NG &ng, unsigned index, const char *expression,
     }
 
     // Ensure that our pattern isn't too long (in characters).
-    if (strlen(expression) > cc.grey.limitPatternLength) {
+    size_t maxlen = cc.grey.limitPatternLength + 1;
+    if (strnlen(expression, maxlen) >= maxlen) {
         throw CompileError("Pattern length exceeds limit.");
     }