[PATCH 5/6] Fix a read past end of buffer
Ondřej Lysoněk
olysonek at redhat.com
Mon Jul 30 16:11:11 BST 2018
Signed-off-by: Ondřej Lysoněk <olysonek at redhat.com>
---
src/ascii-xfr.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/ascii-xfr.c b/src/ascii-xfr.c
index e243b7b..3a76abf 100644
--- a/src/ascii-xfr.c
+++ b/src/ascii-xfr.c
@@ -217,7 +217,7 @@ static int arecv(char *file)
}
while ((n = read(STDIN_FILENO, line, sizeof(line))) > 0) {
- for (s = line; n-- >0; s++) {
+ for (s = line; s - line < n; s++) {
if (*s == eofchar)
break;
if (dotrans && *s == '\r')
@@ -227,7 +227,7 @@ static int arecv(char *file)
}
stats(first);
first = 0;
- if (*s == eofchar)
+ if (s - line < n && *s == eofchar)
break;
}
fclose(fp);
--
2.14.4
More information about the minicom-devel
mailing list