BUG/MINOR: tools: Fix loop condition in dump_text()

The condition should first check whether `bsize` is reached, before
dereferencing the offset. Even if this always works fine, due to the
string being null-terminated, this certainly looks odd.

Found using GitHub's CodeQL scan.

This bug traces back to at least 97c2ae13bc0d7961a348102d6719fbcaf34d46d5
(1.7.0+) and this patch should be backported accordingly.

diff --git a/src/tools.c b/src/tools.c
index 4f536efc3ee4bafc22a58e08416b91096cac8cc4..cc71d45358af0f4cb94c7c2a23a26ad0d94b848a 100644 (file)
--- a/src/tools.c
+++ b/src/tools.c
@@ -4522,9 +4522,9 @@ int may_access(const void *ptr)
 int dump_text(struct buffer *out, const char *buf, int bsize)
 {
        unsigned char c;
-       int ptr = 0;
+       size_t ptr = 0;
 
-       while (buf[ptr] && ptr < bsize) {
+       while (ptr < bsize && buf[ptr]) {
                c = buf[ptr];
                if (isprint((unsigned char)c) && isascii((unsigned char)c) && c != '\\' && c != ' ' && c != '=') {
                        if (out->data > out->size - 1)