From ff2e75ed2efd5e1eb859f6983223a3d76064ce9b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Csaba=20Osztrogon=C3=A1c?= <oszi@inf.u-szeged.hu>
Date: Thu, 8 Aug 2019 21:31:59 +0200
Subject: [PATCH] Fix buffer overflow in example for
 jerry_string_to_char_buffer() API function (#3010)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

We need one more byte allocated for the trailing '\0'.

JerryScript-DCO-1.0-Signed-off-by: Csaba Osztrogonác oszi@inf.u-szeged.hu
---
 docs/02.API-REFERENCE.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/02.API-REFERENCE.md b/docs/02.API-REFERENCE.md
index 5fbd84079..af1e6ebca 100644
--- a/docs/02.API-REFERENCE.md
+++ b/docs/02.API-REFERENCE.md
@@ -2790,7 +2790,7 @@ main (void)
 
   // Read the string into a byte buffer.
   jerry_size_t string_size = jerry_get_string_size (value);
-  jerry_char_t *string_buffer_p = (jerry_char_t *) malloc (sizeof (jerry_char_t) * string_size);
+  jerry_char_t *string_buffer_p = (jerry_char_t *) malloc (sizeof (jerry_char_t) * (string_size + 1));
 
   jerry_size_t copied_bytes = jerry_string_to_char_buffer (value, string_buffer_p, string_size);
   string_buffer_p[copied_bytes] = '\0';