[hackers] [quark] Fixed buffer overflow when p-res==targetlen in function getreqentry || Adria Garriga

git Wed, 06 Aug 2014 17:20:07 -0700

commit abec80e6ceb4e3cb90200ffcd597ab17d7d37d81
Author: Adria Garriga <[email protected]>
Date:   Thu Aug 7 02:11:46 2014 +0200


    Fixed buffer overflow when p-res==targetlen in function getreqentry

diff --git a/quark.c b/quark.c
index da8c4b3..574fb9b 100644
--- a/quark.c
+++ b/quark.c
@@ -363,7 +363,7 @@ getreqentry(char *name, char *target, size_t targetlen, 
char *breakchars) {
                for(p = res; *p && !strchr(breakchars, *p); ++p);
                if(!*p)
                        return 1;
-               if((size_t)(p - res) > targetlen)
+               if((size_t)(p - res) >= targetlen)
                        return 1;
                memcpy(target, res, p - res);
                target[p - res] = 0;

[hackers] [quark] Fixed buffer overflow when p-res==targetlen in function getreqentry || Adria Garriga

Reply via email to