[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] Fix an rcfile out-of-bounds read on empty lines
From: |
Saagar Jha |
Subject: |
Re: [PATCH] Fix an rcfile out-of-bounds read on empty lines |
Date: |
Sun, 16 Feb 2020 17:40:08 -0800 |
I didn’t seem to get your response (perhaps you only sent it to nano-devel?)
but here’s an updated patch. I hadn’t signed the old patch because I had
accidentally made it part of the detectindent work I was doing and forgot to
sign it when splitting out the commit.
Saagar Jha
From 30fc6e499873dcef87339ff63946fd02bfc5d2db Mon Sep 17 00:00:00 2001
From: Saagar Jha <address@hidden>
Date: Sun, 16 Feb 2020 04:04:11 -0800
Subject: [PATCH] Fix an rcfile out-of-bounds read on empty lines
Signed-off-by: Saagar Jha <address@hidden>
---
src/rcfile.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/rcfile.c b/src/rcfile.c
index 5213e277..1afe0582 100644
--- a/src/rcfile.c
+++ b/src/rcfile.c
@@ -1320,7 +1320,7 @@ void parse_rcfile(FILE *rcstream, bool just_syntax, bool
intros_only)
/* Strip the terminating newline and possibly a carriage
return. */
if (buffer[length - 1] == '\n')
buffer[--length] = '\0';
- if (buffer[length - 1] == '\r')
+ if (length && buffer[length - 1] == '\r')
buffer[--length] = '\0';
ptr = buffer;
--
2.25.0
> On Feb 16, 2020, at 04:12, Saagar Jha <address@hidden> wrote:
>
> Hi,
>
> This is just a minor out-of-bounds fix in parse_rcfile.
>
> Regards,
> Saagar Jha
>
> From ec66cf1b91ceed37344f9bc2d1c6eab6a343ec0b Mon Sep 17 00:00:00 2001
> From: Saagar Jha <address@hidden>
> Date: Sun, 16 Feb 2020 04:04:11 -0800
> Subject: [PATCH] Fix an rcfile out-of-bounds read on empty lines
>
> ---
> src/rcfile.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/src/rcfile.c b/src/rcfile.c
> index 5213e277..39387a22 100644
> --- a/src/rcfile.c
> +++ b/src/rcfile.c
> @@ -1318,9 +1318,9 @@ void parse_rcfile(FILE *rcstream, bool just_syntax,
> bool intros_only)
> continue;
> #endif
> /* Strip the terminating newline and possibly a carriage
> return. */
> - if (buffer[length - 1] == '\n')
> + if (length && buffer[length - 1] == '\n')
> buffer[--length] = '\0';
> - if (buffer[length - 1] == '\r')
> + if (length && buffer[length - 1] == '\r')
> buffer[--length] = '\0';
>
> ptr = buffer;
> --
> 2.25.0
>