diff options
| author | Michael Meskes | 2019-04-11 18:56:17 +0000 |
|---|---|---|
| committer | Michael Meskes | 2019-04-11 18:56:17 +0000 |
| commit | ed16ba3248d486ec8b2fdfc75e442620d675b617 (patch) | |
| tree | ce9dad5133a7c52ce06da7df42f65298a3364367 | |
| parent | 4aaa3b5cf1c33d713b8eefa3612a9112cbcf1074 (diff) | |
Fix off-by-one check that can lead to a memory overflow in ecpg.
Patch by Liu Huailing <[email protected]>
| -rw-r--r-- | src/interfaces/ecpg/preproc/pgc.l | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/interfaces/ecpg/preproc/pgc.l b/src/interfaces/ecpg/preproc/pgc.l index 60474b0b4a..3dc2453a2f 100644 --- a/src/interfaces/ecpg/preproc/pgc.l +++ b/src/interfaces/ecpg/preproc/pgc.l @@ -1556,7 +1556,7 @@ parse_include(void) for (ip = include_paths; yyin == NULL && ip != NULL; ip = ip->next) { - if (strlen(ip->path) + strlen(yytext) + 3 > MAXPGPATH) + if (strlen(ip->path) + strlen(yytext) + 4 > MAXPGPATH) { fprintf(stderr, _("Error: include path \"%s/%s\" is too long on line %d, skipping\n"), ip->path, yytext, yylineno); continue; |