[hackers] [st][PATCH] fix pointer to one before object UB

From: Guilherme Janczak <guilherme.janczak_AT_yandex.com>
Date: Wed, 5 May 2021 21:34:15 +0000

The expression "s + strlen(s) - 1" can create a pointer to one before
*s if strlen(s) is 0.

---
 util.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/util.c b/util.c
index bdba718..c97f491 100644
--- a/util.c
+++ b/util.c
_AT_@ -59,9 +59,13 @@ skip(char *s, char c) {
 static void
 trim(char *s) {
 	char *e;
-
-	e = s + strlen(s) - 1;
-	while(isspace(*e) && e > s)
-		e--;
-	*(e + 1) = '\0';
+	
+	e = s + strlen(s);
+	while (e > s) {
+		if (!isspace(*--e)) {
+			e++;
+			*e = '\0';
+			break;
+		}
+	}
 }
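Review bot: the new while loop in trim() only writes the terminator inside the if (!isspace(*--e)) branch, so a string made up entirely of whitespace falls out of the loop with e == s and is left completely untrimmed, whereas the removed code cut such a string down to its first character. Consider terminating unconditionally after the scan, for example "while (e > s && isspace((unsigned char)e[-1])) e--;" followed by "*e = '\0';", which never forms a pointer before s, handles the empty string, and reduces an all-whitespace string to "". The cast matters because passing a negative plain char value to isspace() is itself undefined behaviour, which the patch keeps from the old code. Minor style point: the added blank line after "char *e;" carries a trailing tab.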
-- 
2.31.1
Received on Wed May 05 2021 - 23:34:15 CEST
