Permalink
Browse files

voutf: fix bad arethmetic when outputting warnings to stderr

CVE-2018-16842
Reported-by: Brian Carpenter
Bug: https://curl.haxx.se/docs/CVE-2018-16842.html
  • Loading branch information...
bagder committed Oct 27, 2018
1 parent e97679a commit d530e92f59ae9bb2d47066c3c460b25d2ffeb211
Showing with 1 addition and 1 deletion.
  1. +1 −1 src/tool_msgs.c
@@ -67,7 +67,7 @@ static void voutf(struct GlobalConfig *config,
(void)fwrite(ptr, cut + 1, 1, config->errors);
fputs("\n", config->errors);
ptr += cut + 1; /* skip the space too */
len -= cut;
len -= cut + 1;
}
else {
fputs(ptr, config->errors);

0 comments on commit d530e92

Please sign in to comment.