From e4e3bee71d7bb94cdf7953efcd12703cc87859a1 Mon Sep 17 00:00:00 2001
From: ihsinme <ihsinme@gmail.com>
Date: Wed, 9 Mar 2022 15:36:42 +0300
Subject: [PATCH] fixing a possible write beyond the array boundary.

If you don't initialize array `buf` and use `strlen` to determine the zero length, there is a possibility that the value of function `memset` will go beyond array `buf`. This will happen if there are no zeros in the declared array.
---
 src/tmbstr.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/tmbstr.c b/src/tmbstr.c
index e3526987c..447c6dd29 100644
--- a/src/tmbstr.c
+++ b/src/tmbstr.c
@@ -255,7 +255,7 @@ void TY_(strrep)(tmbstr buffer, ctmbstr str, ctmbstr rep)
         if(p)
         {
             char buf[1024];
-            memset(buf,'\0',strlen(buf));
+            memset(buf,'\0',sizeof(buf));
 
             if(buffer == p)
             {