tsam: avoid out-of-bounds read in rterm - plan9port - [fork] Plan 9 from user space
HTML git clone git://src.adamsgaard.dk/plan9port
DIR Log
DIR Files
DIR Refs
DIR README
DIR LICENSE
---
DIR commit 3ccd61629b641613bcccbc51125330efab9c89a7
DIR parent 6a80119eb509bd948d87ad1b84b0a82855a3c691
HTML Author: Russ Cox <rsc@swtch.com>
Date: Thu, 14 Jan 2021 10:05:50 -0500
sam: avoid out-of-bounds read in rterm
Usually r->nused < r->nalloc and the read is in bounds.
But it could in theory be right on the line and reading
past the end of the allocation.
Make it safe but preserve as much of the old semantics
as possible. This use of rterm appears to be only for
optimization purposes so the result does not matter
for correctness.
Diffstat:
M src/cmd/sam/rasp.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
---
DIR diff --git a/src/cmd/sam/rasp.c b/src/cmd/sam/rasp.c
t@@ -283,8 +283,8 @@ rterm(List *r, Posn p1)
for(p = 0,i = 0; i<r->nused && p+L(i)<=p1; p+=L(i++))
;
- if(i==r->nused && (i==0 || !T(i-1)))
- return 0;
+ if(i==r->nused)
+ return i > 0 && T(i-1);
return T(i);
}