From: Aaron Merey Date: Tue, 1 Nov 2022 21:51:00 +0000 (-0400) Subject: debuginfod-client: Fix out-of-bounds write X-Git-Tag: elfutils-0.188~3 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=04b1a3aa;p=thirdparty%2Felfutils.git debuginfod-client: Fix out-of-bounds write Return early from path_escape when '\0' is seen in order to prevent an out-of-bounds write to the dest buffer. Signed-off-by: Aaron Merey --- diff --git a/debuginfod/debuginfod-client.c b/debuginfod/debuginfod-client.c index d097ca49d..0c4a00cf9 100644 --- a/debuginfod/debuginfod-client.c +++ b/debuginfod/debuginfod-client.c @@ -595,8 +595,7 @@ path_escape (const char *src, char *dest) { case '\0': dest[q] = '\0'; - q = PATH_MAX-1; /* escape for loop too */ - break; + return; case '/': /* escape / to prevent dir escape */ dest[q++]='#'; dest[q++]='#';