qbe

Internal scc patchset buffer for QBE

commit 5a4369dd279b1ee50779ae4ab16daaa035eeeb69
parent 7f4ab8d801edd1db8518ecd110c53483f847a8e9
Author: Quentin Carbonneaux <quentin@c9x.me>
Date:   Wed, 28 Jul 2021 00:53:09 +0200

fix buffer overflow in parser (afl)

Reported by Alessandro Mantovani.
Overly long function names would
trigger out-of-bounds accesses.

Diffstat:
Mparse.c | 2+-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/parse.c b/parse.c
@@ -813,7 +813,7 @@ parsefn(int export)
 rcls = 5;
 if (next() != Tglo)
 err("function name expected");
- strcpy(curf->name, tokval.str);
+ strncpy(curf->name, tokval.str, NString-1);
 curf->vararg = parserefl(0);
 if (nextnl() != Tlbrace)
 err("function body must start with {");
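Review bot: `strncpy(curf->name, tokval.str, NString-1)` bounds the copy but writes no terminator when the token is NString-1 bytes or longer, so the name is only NUL-terminated if `curf->name` is NString bytes and was zeroed beforehand, and neither is visible in this hunk. The copy also truncates silently, so two distinct over-long names could end up as the same symbol. Rejecting the input would be safer and would match the neighbouring checks: put `if (strlen(tokval.str) >= NString) err("function name too long");` before the copy, or at minimum add `curf->name[NString-1] = 0;` after it. parsefn's body starts and ends outside the hunk.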