1
0
forked from pool/util-linux
util-linux/more-fix-buffer-overflow.patch

33 lines
894 B
Diff

From 1ef2db5a5672e09fa1337099b7d9d6ab61c19bdc Mon Sep 17 00:00:00 2001
From: Karel Zak <kzak@redhat.com>
Date: Thu, 1 Aug 2013 12:58:22 +0200
Subject: [PATCH] more: fix buffer overflow
The bug has been probably introduced by commit
1ac300932deab8dea2c43050921bbbdb36d62ff1.
Reported-by: "Dr. David Alan Gilbert" <dave@treblig.org>
References: https://bugzilla.novell.com/show_bug.cgi?id=829720
Signed-off-by: Karel Zak <kzak@redhat.com>
---
text-utils/more.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/text-utils/more.c b/text-utils/more.c
index 3bbeede..3377118 100644
--- a/text-utils/more.c
+++ b/text-utils/more.c
@@ -835,7 +835,8 @@ void prepare_line_buffer(void)
if (nsz < LINSIZ)
nsz = LINSIZ;
- nline = xrealloc(Line, nsz);
+ /* alloc nsz and extra space for \n\0 */
+ nline = xrealloc(Line, nsz + 2);
Line = nline;
LineLen = nsz;
}
--
1.8.4