diff options
author | Max Kunzelmann <max@mxzero.net> | 2023-11-11 21:28:03 +0100 |
---|---|---|
committer | Lukas Fleischer <lfleischer@calcurse.org> | 2023-12-14 13:17:24 +0100 |
commit | aa5ff07b61b6bd9db948cd6541bed3cd44f25924 (patch) | |
tree | 2c04d3fd22784b15623aae8e8bead30a921c7245 /test/next-003.sh | |
parent | 80cd8af9567bf2ddeb017ea738de0adb4fba2543 (diff) | |
download | calcurse-aa5ff07b61b6bd9db948cd6541bed3cd44f25924.tar.gz calcurse-aa5ff07b61b6bd9db948cd6541bed3cd44f25924.zip |
Fix out of bounds memory access (off by one)
If fgets reads a line that only contains a `\n`, then the pointer `eol`
will point to the first byte in that buffer. The subsequent dereference
of `*(eol -1 )` will access the byte before that buffer.
This fix makes sure that that length of the current line read by fgets
is at least 2 bytes long.
Signed-off-by: Max Kunzelmann <max@mxzero.net>
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
Diffstat (limited to 'test/next-003.sh')
0 files changed, 0 insertions, 0 deletions