The condition should first check whether `bsize` is reached, before
dereferencing the offset. Even if this always works fine, due to the
string being null-terminated, this certainly looks odd.
Found using GitHub's CodeQL scan.
This bug traces back to at least 97c2ae13bc0d7961a348102d6719fbcaf34d46d5
(1.7.0+) and this patch should be backported accordingly.
---
src/tools.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/tools.c b/src/tools.c
index 4f536efc3..cc71d4535 100644
--- a/src/tools.c
+++ b/src/tools.c
@@ -4522,9 +4522,9 @@ int may_access(const void *ptr)
int dump_text(struct buffer *out, const char *buf, int bsize)
{
unsigned char c;
- int ptr = 0;
+ size_t ptr = 0;
- while (buf[ptr] && ptr < bsize) {
+ while (ptr < bsize && buf[ptr]) {
c = buf[ptr];
if (isprint((unsigned char)c) && isascii((unsigned char)c) && c
!= '\\' && c != ' ' && c != '=') {
if (out->data > out->size - 1)
--
2.33.0
