Home Explore Help
Sign In
hongwenjun
/
musl
mirror of https://git.musl-libc.org/git/musl
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

fgets: avoid arithmetic overflow when n==INT_MIN is passed

performing n-- is not a safe operation for arbitrary signed input n.
only perform the decrement in the code path where the initial n is
greater than 1, and adjust the condition in the n<=1 code path to
compensate for it not having been decremented.
Rich Felker 2 years ago
parent
d8f35e29d0
commit
5ff3eea91f
1 changed files with 3 additions and 2 deletions
Split View Show Diff Stats
  1. 3 2
      src/stdio/fgets.c

+ 3 - 2
src/stdio/fgets.c
View File 

@@ -12,13 +12,14 @@ char *fgets(char *restrict s, int n, FILE *restrict f)
 
 
 	FLOCK(f);
 
 
-	if (n--<=1) {
 
+	if (n<=1) {
 
 		f->mode |= f->mode-1;
 
 		FUNLOCK(f);
 
-		if (n) return 0;
 
+		if (n<1) return 0;
 
 		*s = 0;
 
 		return s;
 
 	}
 
+	n--;
 
 
 	while (n) {
 
 		if (f->rpos != f->rend) {