39 строки
1.0 KiB
Diff
39 строки
1.0 KiB
Diff
From fa8feee1fce1c6e728512d9e6c0bfffa89f0ce62 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
|
|
Date: Mon, 13 Aug 2018 14:39:46 +0200
|
|
Subject: [PATCH 5/7] Fix a read past end of buffer
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
Signed-off-by: Ondřej Lysoněk <olysonek@redhat.com>
|
|
---
|
|
src/ascii-xfr.c | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/src/ascii-xfr.c b/src/ascii-xfr.c
|
|
index ca27ebf..79af763 100644
|
|
--- a/src/ascii-xfr.c
|
|
+++ b/src/ascii-xfr.c
|
|
@@ -207,7 +207,7 @@ int arecv(char *file)
|
|
}
|
|
|
|
while ((n = read(STDIN_FILENO, line, sizeof(line))) > 0) {
|
|
- for (s = line; n-- >0; s++) {
|
|
+ for (s = line; s - line < n; s++) {
|
|
if (*s == eofchar)
|
|
break;
|
|
if (dotrans && *s == '\r')
|
|
@@ -217,7 +217,7 @@ int arecv(char *file)
|
|
}
|
|
stats(first);
|
|
first = 0;
|
|
- if (*s == eofchar)
|
|
+ if (s - line < n && *s == eofchar)
|
|
break;
|
|
}
|
|
fclose(fp);
|
|
--
|
|
2.14.4
|
|
|