Date: Sun, 3 Jun 2018 17:07:56 +0000 (UTC) From: Piotr Pawel Stefaniak <pstef@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r334570 - head/usr.bin/indent Message-ID: <201806031707.w53H7udd001772@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: pstef Date: Sun Jun 3 17:07:56 2018 New Revision: 334570 URL: https://svnweb.freebsd.org/changeset/base/334570 Log: indent(1): the check for buffer overflow has to be done before copy Modified: head/usr.bin/indent/indent.c Modified: head/usr.bin/indent/indent.c ============================================================================== --- head/usr.bin/indent/indent.c Sun Jun 3 17:05:55 2018 (r334569) +++ head/usr.bin/indent/indent.c Sun Jun 3 17:07:56 2018 (r334570) @@ -1193,10 +1193,10 @@ check_type: *sc_end++ = ' '; --line_no; } + if (sc_end - save_com + com_end - com_start > sc_size) + errx(1, "input too long"); bcopy(s_lab + com_start, sc_end, com_end - com_start); sc_end += com_end - com_start; - if (sc_end >= &save_com[sc_size]) - errx(1, "input too long"); e_lab = s_lab + com_start; while (e_lab > s_lab && (e_lab[-1] == ' ' || e_lab[-1] == '\t')) e_lab--;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201806031707.w53H7udd001772>