[PATCH 1/2] readline: Fix potential buffer overflow

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



cread_add_char doesn't take the trailing '\0' into account, so adding
it at the end of readline can overflow the buffer.

Signed-off-by: Sascha Hauer <s.hauer@xxxxxxxxxxxxxx>
---
 lib/readline.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/readline.c b/lib/readline.c
index c007e10..4c9bb76 100644
--- a/lib/readline.c
+++ b/lib/readline.c
@@ -150,7 +150,7 @@ static void cread_add_char(char ichar, int insert, unsigned long *num,
 
 	/* room ??? */
 	if (insert || *num == *eol_num) {
-		if (*eol_num > len - 1) {
+		if (*eol_num > len - 2) {
 			getcmd_cbeep();
 			return;
 		}
-- 
2.6.2


_______________________________________________
barebox mailing list
barebox@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/barebox



[Index of Archives]     [Linux Embedded]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux