 |
tFix potential buffer overflow - ledit - Text editor (WIP) |
 |
git clone git://lumidify.org/ledit.git (fast, but not encrypted) |
|
git clone https://lumidify.org/git/ledit.git (encrypted, but very slow) |
 |
Log |
|
Files |
|
Refs |
|
README |
|
LICENSE |
|
--- |
|
commit 4e39cee7c2670c566dd05abc926f01aa8444e018 |
|
parent 1e7b988b795deff7e31c7a5c28a5c669b388fb3a |
|
Author: lumidify <[email protected]> |
|
Date: Thu, 8 Sep 2022 13:40:00 +0200 |
|
|
|
Fix potential buffer overflow |
|
|
|
Diffstat: |
|
M search.c | 4 ++-- |
|
|
|
1 file changed, 2 insertions(+), 2 deletions(-) |
|
--- |
|
diff --git a/search.c b/search.c |
|
t@@ -40,12 +40,12 @@ search_forward(ledit_view *view, size_t *line_ret, size_t … |
|
return SEARCH_NO_PATTERN; |
|
size_t line = view->cur_line; |
|
/* start one byte later so it doesn't get stuck on a match |
|
- note: since the string ends with '\0', this is always valid */ |
|
+ note: in certain cases, this may not be a valid index */ |
|
size_t byte = view->cur_index + 1; |
|
char *res; |
|
ledit_line *lline = buffer_get_line(view->buffer, line); |
|
buffer_normalize_line(lline); |
|
- if ((res = strstr(lline->text + byte, last_search)) != NULL) { |
|
+ if (byte < lline->len && (res = strstr(lline->text + byte, last_search… |
|
*line_ret = line; |
|
*byte_ret = (size_t)(res - lline->text); |
|
return SEARCH_NORMAL; |
