From de2dd6b1250579c46ff085d8dad760d6d5ca9407 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Thu, 24 Jan 2013 02:14:42 +0100 Subject: [PATCH] BUG/MEDIUM: tools: off-by-one in quote_arg() This function may write the \0 one char too far in the static array. There is no effect right now as the function has never been used except maybe in code that was never released. Out-of-tree code might possibly be affected though (hence the MEDIUM flag). No backport is needed. Reported-by: Dinko Korunic --- src/standard.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/standard.c b/src/standard.c index 13ec4ad999..b14b70ba27 100644 --- a/src/standard.c +++ b/src/standard.c @@ -1567,7 +1567,7 @@ const char *quote_arg(const char *ptr) if (!ptr || !*ptr) return "end of line"; val[0] = '\''; - for (i = 1; i < sizeof(val) - 1 && *ptr; i++) + for (i = 1; i < sizeof(val) - 2 && *ptr; i++) val[i] = *ptr++; val[i++] = '\''; val[i] = '\0'; -- 2.47.3