From fa8feee1fce1c6e728512d9e6c0bfffa89f0ce62 Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>

Date: Mon, 13 Aug 2018 14:39:46 +0200

Subject: [PATCH 5/7] Fix a read past end of buffer

MIME-Version: 1.0

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit

Signed-off-by: Ondřej Lysoněk <olysonek@redhat.com>

---

 src/ascii-xfr.c | 4 ++--

 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/ascii-xfr.c b/src/ascii-xfr.c

index ca27ebf..79af763 100644

--- a/src/ascii-xfr.c

+++ b/src/ascii-xfr.c

@@ -207,7 +207,7 @@ int arecv(char *file)

   }

   while ((n = read(STDIN_FILENO, line, sizeof(line))) > 0) {

-    for (s = line; n-- >0; s++) {

+    for (s = line; s - line < n; s++) {

       if (*s == eofchar)

         break;

       if (dotrans && *s == '\r')

@@ -217,7 +217,7 @@ int arecv(char *file)

     }

     stats(first);

     first = 0;

-    if (*s == eofchar)

+    if (s - line < n && *s == eofchar)

       break;

   }

   fclose(fp);

-- 

2.14.4