Fix off-by-one error that enabled the fuzzer to find a crash hole.

One has to allocate space for the trailing NUL, too.
Eric S. Raymond 2017-06-20 07:20:03 -04:00
parent d747d43429
commit 018ca9ae37

2
misc.c

@ -291,7 +291,7 @@ bool YES(const char* question, const char* yes_response, const char* no_response
reply = get_input(); reply = get_input();
char* firstword = (char*) xmalloc(strlen(reply)); char* firstword = (char*) xmalloc(strlen(reply)+1);
sscanf(reply, "%s", firstword); sscanf(reply, "%s", firstword);
for (int i = 0; i < (int)strlen(firstword); ++i) for (int i = 0; i < (int)strlen(firstword); ++i)