From 63ba6e4aa17761461fbddf71af7cb154f1e5b9ae Mon Sep 17 00:00:00 2001
From: PavlNekrasov <95914807+PavlNekrasov@users.noreply.github.com>
Date: Thu, 12 Sep 2024 08:54:29 +0300
Subject: examples/tty_conv: fix potential out of bound write in readline()

At the end of the loop the iterator `i` can be equal to
`PAM_MAX_RESP_SIZE`, which will cause an index call outside the array
in the `input[i] = '\0';`

Signed-off-by: Dmitry V. Levin <ldv@strace.io>
---
 examples/tty_conv.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/examples/tty_conv.c b/examples/tty_conv.c
index 9a0e1ad9..59bbb3b3 100644
--- a/examples/tty_conv.c
+++ b/examples/tty_conv.c
@@ -68,7 +68,7 @@ static char *readline(void)
     int i;
 
     flockfile(stdin);
-    for (i = 0; i < PAM_MAX_RESP_SIZE; i++)
+    for (i = 0; i < PAM_MAX_RESP_SIZE - 1; i++)
     {
         int ch = getchar_unlocked();
         if (ch == '\n' || ch == '\r' ||ch == EOF)
-- 
cgit v1.2.3