Fix stack buffer overflow (#233)

The adjustment of parse_error introduced a possible stack buffer overflow if lesskey filename is long enough. How to reproduce: KEYFILE=$(python -c 'print("/tmp/"+4*(255*"a"+"/")+"lesskey.txt")') install -d $(dirname KEYFILE) echo "#version a" > $KEYFILE less --lesskey-src=$KEYFILE -f /dev/null
gwsw · Dec 20, 2021 · ae087e2 · ae087e2
1 parent f90a807
commit ae087e2
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/lesskey_parse.c b/lesskey_parse.c
@@ -133,7 +133,8 @@ parse_error(fmt, arg1)
 {
  char buf[1024];
  int n = snprintf(buf, sizeof(buf), "%s: line %d: ", lesskey_file, linenum);
- snprintf(buf+n, sizeof(buf)-n, fmt, arg1);
+ if (n >= 0 && n < sizeof(buf))
+ snprintf(buf+n, sizeof(buf)-n, fmt, arg1);
  ++errors;
  lesskey_parse_error(buf);
 }