1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
From: Michael R Sweet <msweet@msweet.org>
Date: Tue, 26 Jan 2021 08:02:32 -0500
Subject: CVE-2021-23180
Fix a crash bug with malformed URIs (Issue #418)
Origin: upstream, https://github.com/michaelrsweet/htmldoc/commit/19c582fb32eac74b57e155cffbb529377a9e751a
Bug: https://github.com/michaelrsweet/htmldoc/issues/418
Bug-Debian: https://bugs.debian.org/989437
---
htmldoc/file.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/htmldoc/file.c b/htmldoc/file.c
index 9f017de..eee89af 100644
--- a/htmldoc/file.c
+++ b/htmldoc/file.c
@@ -304,6 +304,7 @@ const char * /* O - File extension */
file_extension(const char *s) /* I - Filename or URL */
{
const char *extension; /* Pointer to directory separator */
+ char *bufptr; /* Pointer into buffer */
static char buf[1024]; /* Buffer for files with targets */
@@ -334,7 +335,8 @@ file_extension(const char *s) /* I - Filename or URL */
strlcpy(buf, extension, sizeof(buf));
- *(char *)strchr(buf, '#') = '\0';
+ if ((bufptr = strchr(buf, '#')) != NULL)
+ *bufptr = '\0';
return (buf);
}
|
