aniani/elinks
1
0
Fork 0
mirror of https://github.com/rkd77/elinks.git synced 2024-09-30 03:26:23 -04:00
Code

do_auth_dialog: Fix off-by-one error leading to reads of uninitialized memory.

Browse Source 
This bug manifested as a junk character at the end of the text in the
authentication dialog.

[ From commit ca496aa2dd in ELinks
  0.12.GIT.  --KON ]
This commit is contained in:
Kalle Olavi Niemitalo 2006-06-24 16:41:16 +03:00 committed by Kalle Olavi Niemitalo
parent 319f362432
commit b5bbcb2f3a
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/protocol/auth/dialogs.c
View File

@ -89,7 +89,8 @@ do_auth_dialog(struct session *ses, void *data)
if (sticker_len < 0 || sticker_len > MAX_STR_LEN) return;
#define AUTH_WIDGETS_COUNT 5
dlg = calloc_dialog(AUTH_WIDGETS_COUNT, sticker_len);
/* + 1 to leave room for the '\0'. */
dlg = calloc_dialog(AUTH_WIDGETS_COUNT, sticker_len + 1);
if (!dlg) return;
a->blocked = 1;
@ -98,7 +99,7 @@ do_auth_dialog(struct session *ses, void *data)
dlg->layouter = generic_dialog_layouter;
text = get_dialog_offset(dlg, AUTH_WIDGETS_COUNT);
memcpy(text, sticker, sticker_len);
memcpy(text, sticker, sticker_len); /* calloc_dialog has stored '\0' */
dlg->udata = (void *) ses;
dlg->udata2 = a;