busybox/editors
Quentin Rameau e2afae6303 sed: prevent overflow of length from bb_get_chunk_from_file
This fragment did not work right:

                temp = bb_get_chunk_from_file(fp, &len);
                if (temp) {
                        /* len > 0 here, it's ok to do temp[len-1] */
                        char c = temp[len-1];

With "int len" _sign-extending_, temp[len-1] can refer to a wrong location
if len > 0x7fffffff.

Signed-off-by: Quentin Rameau <quinq@fifth.space>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-04-01 19:51:14 +02:00
..
awk.c awk: code shrink 2018-01-07 14:39:34 +01:00
cmp.c regularize format of source file headers, no code changes 2017-09-18 16:28:43 +02:00
Config.src config: deindent all help texts 2017-07-21 09:50:55 +02:00
diff.c regularize format of source file headers, no code changes 2017-09-18 16:28:43 +02:00
ed.c line editing: make read_line_input() not take timeout param 2017-08-02 17:27:28 +02:00
Kbuild.src switch editors/* to embedded-in-source kbuild system 2013-11-13 12:45:33 +01:00
patch_bbox.c getopt32: remove applet_long_options 2017-08-08 17:09:40 +02:00
patch_toybox.c Update menuconfig items with approximate applet sizes 2017-07-18 22:01:24 +02:00
patch.c regularize format of source file headers, no code changes 2017-09-18 16:28:43 +02:00
sed1line.txt
sed_summary.htm doc: add info about sed s/.../.../I modifier 2008-03-01 19:29:56 +00:00
sed.c sed: prevent overflow of length from bb_get_chunk_from_file 2018-04-01 19:51:14 +02:00
vi.c use %m printf specifier where appropriate 2017-09-29 18:17:25 +02:00