diff options
| author | PavlNekrasov <95914807+PavlNekrasov@users.noreply.github.com> | 2024-09-12 08:54:29 +0300 |
|---|---|---|
| committer | Dmitry V. Levin <ldv@strace.io> | 2024-09-13 08:00:00 +0000 |
| commit | 63ba6e4aa17761461fbddf71af7cb154f1e5b9ae (patch) | |
| tree | 109c27ad9693273bd11b13a394306f504b6f766f | |
| parent | a2de804e56618b839966120dae012f3c8d7aef82 (diff) | |
| download | pam-63ba6e4aa17761461fbddf71af7cb154f1e5b9ae.tar.gz pam-63ba6e4aa17761461fbddf71af7cb154f1e5b9ae.tar.bz2 pam-63ba6e4aa17761461fbddf71af7cb154f1e5b9ae.zip | |
examples/tty_conv: fix potential out of bound write in readline()
At the end of the loop the iterator `i` can be equal to
`PAM_MAX_RESP_SIZE`, which will cause an index call outside the array
in the `input[i] = '\0';`
Signed-off-by: Dmitry V. Levin <ldv@strace.io>
| -rw-r--r-- | examples/tty_conv.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/examples/tty_conv.c b/examples/tty_conv.c index 9a0e1ad9..59bbb3b3 100644 --- a/examples/tty_conv.c +++ b/examples/tty_conv.c @@ -68,7 +68,7 @@ static char *readline(void) int i; flockfile(stdin); - for (i = 0; i < PAM_MAX_RESP_SIZE; i++) + for (i = 0; i < PAM_MAX_RESP_SIZE - 1; i++) { int ch = getchar_unlocked(); if (ch == '\n' || ch == '\r' ||ch == EOF) |