From d0a30912c83f90595ded23fd3924ba826f498b16 Mon Sep 17 00:00:00 2001
From: Tatsuya Kinoshita <tats@debian.org>
Date: Sat, 27 Mar 2021 20:04:56 +0900
Subject: Fix potential integer overflow in allocStr

---
 indep.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'indep.c')

diff --git a/indep.c b/indep.c
index 4957c67..055e19e 100644
--- a/indep.c
+++ b/indep.c
@@ -104,6 +104,8 @@ allocStr(const char *s, int len)
 	return NULL;
     if (len < 0)
 	len = strlen(s);
+    if (len < 0 || len >= STR_SIZE_MAX)
+	len = STR_SIZE_MAX - 1;
     ptr = NewAtom_N(char, len + 1);
     if (ptr == NULL) {
 	fprintf(stderr, "fm: Can't allocate string. Give me more memory!\n");
-- 
cgit v1.2.3