projects / sent.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 72d33d4) | patch
Avoid out-of-bounds access when a slide input line begins with \0
authorChris Down <chris@chrisdown.name>
Wed, 13 May 2020 11:20:53 +0000 (12:20 +0100)
committerHiltjo Posthuma <hiltjo@codemadness.org>
Thu, 14 May 2020 09:43:34 +0000 (11:43 +0200)
commit2649e8d5334f7e37a1710c60fb740ecfe91b9f9e
tree36d235c6bec798d085e776869470d87b6f8330bctree | snapshot
parent72d33d463fed7ba271961a6f91cae1fed8faa454commit | diff
Avoid out-of-bounds access when a slide input line begins with \0

If we read in a line with \0 at the beginning, blen will be 0. However,
we then try to index our copy of the buffer with
s->lines[s->linecount][blen-1], we'll read (and potentially write if the
data happens to be 0x0A) outside of strdup's allocated memory, and may
crash.

Fix this by just rejecting lines with a leading \0. Lines with nulls
embedded in other places don't invoke similar behaviour, since the
length is still >0.
sent.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.