From: Matthew Vernon <matthew@debian.org>
Date: Sat, 12 May 2018 09:00:46 +0000 (+0100)
Subject: Allow space for trailing NULL (closes: #897712)
X-Git-Tag: archive/debian/4.30~1
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~matthewv/git?p=bible-kjv.git;a=commitdiff_plain;h=2c4b559f8301f236110356a0215d6d20fae6193f

Allow space for trailing NULL (closes: #897712)

cfname was previously STRSZ long, but the strncat use on l661 could
write up to STRSZ bytes to it, which would mean that the trailing NULL
would then overflow the array. Fix this by allocating STRSZ+1 bytes to
cfname.
---

diff --git a/tsl.c b/tsl.c
index f6d90b2..d5946a2 100644
--- a/tsl.c
+++ b/tsl.c
@@ -595,7 +595,7 @@ void tsl_init(char *dfname,char *path, const int memlimit)
     Univ_Int *up;
     int tablesize;
 #define STRSZ 255
-    char cfname[STRSZ];
+    char cfname[STRSZ+1]; /*allow space for trailing NULL*/
 
     if (memlimit > 0)
 	tsl_maxbuffusage = memlimit<<10;	/* times 1024 */