nilix/fluxbox
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

FbTk/StringUtil.cc: Fix out-of-range memory access.

Browse source 
if pos is not npos, it will always be less than filename.size().
However, the access later is only safe if there is a character
after pos, which would require pos + 1 to be less than filename.size.
This commit is contained in:
Ryan Pavlik 2011-10-28 15:21:00 -06:00
parent 1ba4fbe878
commit 757f78035d
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/FbTk/StringUtil.cc
View file

@ -176,7 +176,7 @@ string expandFilename(const string &filename) {
size_t pos = filename.find_first_not_of(" \t");
if (pos != string::npos && filename[pos] == '~') {
retval = getenv("HOME");
if (pos != filename.size()) {
if (pos + 1 < filename.size()) {
// copy from the character after '~'
retval += static_cast<const char *>(filename.c_str() + pos + 1);
}