[PATCH 1/2] readline: Fix potential buffer overflow
Sascha Hauer
s.hauer at pengutronix.de
Tue Jan 5 00:25:09 PST 2016
cread_add_char doesn't take the trailing '\0' into account, so adding
it at the end of readline can overflow the buffer.
Signed-off-by: Sascha Hauer <s.hauer at pengutronix.de>
---
lib/readline.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/readline.c b/lib/readline.c
index c007e10..4c9bb76 100644
--- a/lib/readline.c
+++ b/lib/readline.c
@@ -150,7 +150,7 @@ static void cread_add_char(char ichar, int insert, unsigned long *num,
/* room ??? */
if (insert || *num == *eol_num) {
- if (*eol_num > len - 1) {
+ if (*eol_num > len - 2) {
getcmd_cbeep();
return;
}
--
2.6.2
More information about the barebox
mailing list