From: Thomas Weißschuh <thomas@t-8ch.de>
Date: Fri, 22 Sep 2023 17:53:24 +0000 (+0200)
Subject: more: avoid out-of-bound access
X-Git-Tag: v2.39.3~54
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=dbde7a537f27b23d64a8d3f583af472357de7192;p=thirdparty%2Futil-linux.git

more: avoid out-of-bound access

The realloc() needs to happen before that memory is used.

Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
---

diff --git a/text-utils/more.c b/text-utils/more.c
index 0a13b42438..22adaab68a 100644
--- a/text-utils/more.c
+++ b/text-utils/more.c
@@ -356,11 +356,11 @@ static void env_argscan(struct more_control *ctl, const char *s)
 	env_argv = xmalloc(sizeof(char *) * size);
 	env_argv[0] = _("MORE environment variable");	/* program name */
 	for (tok = strtok_r(str, delim, &key); tok; tok = strtok_r(NULL, delim, &key)) {
-		env_argv[env_argc++] = tok;
-		if (size < env_argc) {
+		if (size == env_argc) {
 			size *= 2;
 			env_argv = xrealloc(env_argv, sizeof(char *) * size);
 		}
+		env_argv[env_argc++] = tok;
 	}
 
 	argscan(ctl, env_argc, env_argv);