scdoc2mdoc

A fork of scdoc to output mdoc(7)
git clone git://git.sgregoratto.me/scdoc2mdoc
Log | Files | Refs | README | LICENSE
commit 3ba5240756df606bceab61f863da5287f89ce695
parent f131a31f6471233a22bd77b0a5cb01e8de0403dc
Author: random human <random.bored.human@gmail.com>
Date:   Wed,  5 Sep 2018 17:15:20 +0530

Handle size 5 or 6 resulting in stack smashing

Diffstat:

Msrc/utf8_fgetch.c | 6++++++


1 file changed, 6 insertions(+), 0 deletions(-)

diff --git a/src/utf8_fgetch.c b/src/utf8_fgetch.c
@@ -10,6 +10,12 @@ uint32_t utf8_fgetch(FILE *f) {
 	}
 	buffer[0] = (char)c;
 	int size = utf8_size(buffer);
+
+	if (size > UTF8_MAX_SIZE) {
+		fseek(f, size - 1, SEEK_CUR);
+		return UTF8_INVALID;
+	}
+
 	if (size > 1) {
 		int amt = fread(&buffer[1], 1, size - 1, f);
 		if (amt != size - 1) {