shithub: vexed

Download patch

ref: df0d3ca805b9b630f674ad932a4fbacc793df2e2
parent: e178b73063e892607d7707fe479f838741353057
author: phil9 <[email protected]>
date: Thu Dec 30 01:59:38 EST 2021

fix search going past buffer bounds

	this would lead to searching for 00 finding the byte
	after the last buffer byte as a result.

--- a/vexed.c
+++ b/vexed.c
@@ -67,11 +67,14 @@
 search(int from)
 {
 	char *s, *p;
-	int oldsel;
+	int len, oldsel;
 
 	s = (char*)buf.data + from;
-	while(s - (char*)buf.data < buf.count){
-		p = memchr(s, sbuf[0], buf.count);
+	for(;;){
+		len = s - (char*)buf.data;
+		if(len >= buf.count)
+			break;
+		p = memchr(s, sbuf[0], buf.count - len);
 		if(p == nil || (nsbuf > 1 && memcmp(p, sbuf, nsbuf) != 0)){
 			s = p + 1;
 			continue;