author schwarze <schwarze@openbsd.org> 2016-04-28 09:44:36 +0000
committer schwarze <schwarze@openbsd.org> 2016-04-28 09:44:36 +0000
commit e1946848423e90751fc1235d2d3cc96517d56b09
tree d4fdc33e0f2bada4c62500bf5db8224a5eb6b41c
parent Experiment on matching on the daemon_user is over. It needs more work.
Initialize the search buffer.

Otherwise, if you called ed-search-prev-history before doing any history search but after entering at least one line into the history, the buffer could get accessed uninitialized, potentially resulting in a read buffer overrun.

Segfault reported in sftp(1) via djm@ by Alf Schlichting <A dot Schlichting at lemarit dot com>, who also confirmed that the patch fixes the issue for him.

OK martijn@ czarkoff@
-rw-r--r-- lib/libedit/search.c 3
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/libedit/search.c b/lib/libedit/search.c
index e4bb6433bcb..f8d081ec68c 100644
--- a/lib/libedit/search.c
+++ b/lib/libedit/search.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: search.c,v 1.25 2016/04/11 21:17:29 schwarze Exp $ */
+/* $OpenBSD: search.c,v 1.26 2016/04/28 09:44:36 schwarze Exp $ */
/* $NetBSD: search.c,v 1.44 2016/04/11 18:56:31 christos Exp $ */
/*-
@@ -67,6 +67,7 @@ search_init(EditLine *el)
sizeof(*el->el_search.patbuf));
if (el->el_search.patbuf == NULL)
return -1;
+ *el->el_search.patbuf = L'\0';
el->el_search.patlen = 0;
el->el_search.patdir = -1;
el->el_search.chacha = '\0';
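
Review bot: The added store in search_init() defines only the first element of patbuf; every element after it is still indeterminate following the allocation that ends in `sizeof(*el->el_search.patbuf));`. That is sufficient for readers that stop at the terminator, but any path that walks the buffer by some other bound would still read uninitialized memory. Consider zeroing the whole buffer when it is allocated, or at least put a one-line comment above `*el->el_search.patbuf = L'\0';` stating that ed-search-prev-history can read patbuf before any search has written to it, so the terminator is not dropped in a later cleanup.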