From 8ca9ece66a07fa02b01565a35d90ffa5daba71aa Mon Sep 17 00:00:00 2001
From: Jonas Maebe <jonas@freepascal.org>
Date: Wed, 15 Jun 2016 18:31:42 +0000
Subject: [PATCH]   * fixed buffer overrun in
 tai_aggregatetypedconst.add_to_string()

git-svn-id: trunk@33988 -
---
 compiler/aasmcnst.pas | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/compiler/aasmcnst.pas b/compiler/aasmcnst.pas
index 364cb3cd54..06dd962c27 100644
--- a/compiler/aasmcnst.pas
+++ b/compiler/aasmcnst.pas
@@ -682,7 +682,8 @@ implementation
            begin
              if tai_const(othertai).size<>1 then
                internalerror(2014070101);
-             strtai.str:=reallocmem(strtai.str,strtai.len+1);
+             { it was already len+1 to hold the #0 -> realloc to len+2 }
+             strtai.str:=reallocmem(strtai.str,strtai.len+2);
              strtai.str[strtai.len]:=ansichar(tai_const(othertai).value);
              strtai.str[strtai.len+1]:=#0;
              inc(strtai.len);