commit 4a4a63b1561cd5e3292cce6235c1b3f9a11c0754
parent ce5fd79d5a818fa0ac428426db5a2c27570d4d7f
Author: Jacob R. Edwards <n/a>
Date: Wed, 14 Dec 2022 20:11:01 -0600
Fix out of bounds memory write
The malloc in apunquote() didn't account for the nul terminater.
Diffstat:
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/ap/quote.c b/lib/ap/quote.c
@@ -133,7 +133,7 @@ apunquote(char **sp, int (*issep)(int))
if (!s || !*sp)
return NULL;
- buf = malloc(*sp - s);
+ buf = malloc(*sp - s + 1);
if (!buf)
return NULL;
*sp = s;
