diff options
author | Todd C. Miller <millert@cvs.openbsd.org> | 2018-01-07 19:18:57 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 2018-01-07 19:18:57 +0000 |
commit | 88a9cabfe654601db7115a95d328b85d1bb41b7f (patch) | |
tree | e7e229475611bc5f168d70e0f41cdcda018449fe /bin/ksh | |
parent | ab802882f5d31d41762a3628a2dd7bc96251eb2f (diff) |
Add proper bounds checking to kb_add(). OK anton@
Diffstat (limited to 'bin/ksh')
-rw-r--r-- | bin/ksh/emacs.c | 23 |
1 files changed, 12 insertions, 11 deletions
diff --git a/bin/ksh/emacs.c b/bin/ksh/emacs.c index f7d2d59ae5c..b95964c23f2 100644 --- a/bin/ksh/emacs.c +++ b/bin/ksh/emacs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: emacs.c,v 1.80 2018/01/06 16:28:58 millert Exp $ */ +/* $OpenBSD: emacs.c,v 1.81 2018/01/07 19:18:56 millert Exp $ */ /* * Emacs-like command line editing and history @@ -1328,20 +1328,21 @@ static struct kb_entry * kb_add(void *func, void *args, ...) { va_list ap; - unsigned int i, count = 0; - char l[LINE + 1]; - - va_start(ap, args); - while (va_arg(ap, unsigned int) != 0) - count++; - va_end(ap); + unsigned char ch; + unsigned int i; + char line[LINE + 1]; va_start(ap, args); - for (i = 0; i <= count /* <= is correct */; i++) - l[i] = (unsigned char)va_arg(ap, unsigned int); + for (i = 0; i < sizeof(line) - 1; i++) { + ch = va_arg(ap, unsigned int); + if (ch == 0) + break; + line[i] = ch; + } va_end(ap); + line[i] = '\0'; - return (kb_add_string(func, args, l)); + return (kb_add_string(func, args, line)); } static void |