From 6b8b102cf2bdcc175d97d23e9870d0816c0f674e Mon Sep 17 00:00:00 2001
From: Qualys Security Advisory
Date: Thu, 1 Jan 1970 00:00:00 +0000
Subject: [PATCH] top: Harden calibrate_fields().
- Make sure i is at least 1 before "i - 1" and "--i".
- Initialize endpflg (to 0, as it was originally, since it is static) before the "for" loop (the "break" may leave endpflg uninitialized, for example).
---
 top/top.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/top/top.c b/top/top.c
index ea4d1a4b..018c8bb7 100644
--- a/top/top.c
+++ b/top/top.c
@@ -2179,7 +2179,7 @@ static void calibrate_fields (void) {
 s = scat(s, fmtmk("%*.*s", len, len, h), w->columnhdr, sizeof(w->columnhdr));
 }
 #ifndef USE_X_COLHDR
- if (EU_XON == w->procflgs[i - 1]) --i;
+ if (i >= 1 && EU_XON == w->procflgs[i - 1]) --i;
 #endif
 /* establish the final maxpflgs and prepare to grow the variable column
@@ -2193,6 +2193,7 @@ static void calibrate_fields (void) {
 fit within screen width, including a leading window number */
 *(s = w->columnhdr) = '\0';
 if (Rc.mode_altscr) s = scat(s, " ", w->columnhdr, sizeof(w->columnhdr));
+ w->endpflg = 0;
 for (i = w->totpflgs - 1; -1 < i; i--) {
 f = w->pflgsall[i];
 #ifndef USE_X_COLHDR
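Review bot: The new `i >= 1` guard in the `#ifndef USE_X_COLHDR` branch carries no comment saying when `i` can be 0 here, so a later cleanup could remove it as redundant and bring back the read of `procflgs[i - 1]` below the array. The loop that sets `i` begins outside this hunk, so the exact condition is not visible; presumably it is the case where that loop stops before placing its first column, and the wording should be confirmed against it. I would add `/* i is 0 when no column was placed above; never index procflgs[-1] */` on the line before the check. As a style point, the neighbouring lines write comparisons constant-first (`EU_XON == ...`, `-1 < i`), so `0 < i` would match the file.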
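Review bot: The added `w->endpflg = 0;` should have a comment at the assignment, because its reason is recorded only in the commit message: the `for` loop that follows can `break` before it stores to `endpflg`. Proposed: `/* reset first: the loop below may break before it sets endpflg */`. The loop body lies outside the hunk, so these lines do not show whether 0 is a safe fallback for later readers of `endpflg`; that is worth confirming, since the loop index also reaches 0 and the two cases would then look the same.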