]> granicus.if.org Git - curl/commitdiff
projects / curl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e97679a)
voutf: fix bad arethmetic when outputting warnings to stderr
authorDaniel Stenberg <daniel@haxx.se>
Sat, 27 Oct 2018 23:33:23 +0000 (01:33 +0200)
committerDaniel Stenberg <daniel@haxx.se>
Tue, 30 Oct 2018 06:47:25 +0000 (07:47 +0100)
CVE-2018-16842
Reported-by: Brian Carpenter
Bug: https://curl.haxx.se/docs/CVE-2018-16842.html

src/tool_msgs.c patch | blob | history

diff --git a/src/tool_msgs.c b/src/tool_msgs.c
index 832ed8147b4c33c04aadea7b04129c9755b8af6d..f5e1df25fb42703531d17f0dee3e2da6b40c8bae 100644 (file)
--- a/src/tool_msgs.c
+++ b/src/tool_msgs.c
@@ -67,7 +67,7 @@ static void voutf(struct GlobalConfig *config,
         (void)fwrite(ptr, cut + 1, 1, config->errors);
         fputs("\n", config->errors);
         ptr += cut + 1; /* skip the space too */
-        len -= cut;
+        len -= cut + 1;
       }
       else {
         fputs(ptr, config->errors);
Unnamed repository; edit this file 'description' to name the repository.