From: Aaron Merey <amerey@redhat.com>
Date: Tue, 1 Nov 2022 21:51:00 +0000 (-0400)
Subject: debuginfod-client: Fix out-of-bounds write
X-Git-Tag: elfutils-0.188~3
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=04b1a3aa;p=thirdparty%2Felfutils.git

debuginfod-client: Fix out-of-bounds write

Return early from path_escape when '\0' is seen in order to prevent
an out-of-bounds write to the dest buffer.

Signed-off-by: Aaron Merey <amerey@redhat.com>
---

diff --git a/debuginfod/debuginfod-client.c b/debuginfod/debuginfod-client.c
index d097ca49d..0c4a00cf9 100644
--- a/debuginfod/debuginfod-client.c
+++ b/debuginfod/debuginfod-client.c
@@ -595,8 +595,7 @@ path_escape (const char *src, char *dest)
       {
       case '\0':
         dest[q] = '\0';
-        q = PATH_MAX-1; /* escape for loop too */
-        break;
+	return;
       case '/': /* escape / to prevent dir escape */
         dest[q++]='#';
         dest[q++]='#';