diff options
author | ailin-nemui <ailin-nemui@users.noreply.github.com> | 2017-10-07 20:45:13 +0200 |
---|---|---|
committer | ailin-nemui <ailin-nemui@users.noreply.github.com> | 2017-10-07 20:48:53 +0200 |
commit | 00c80cb6fcca40cfc421fe3fc181115ac4907191 (patch) | |
tree | 8a069c069b7747d39c2eaed9e9b33387042f67ee /src/fe-common | |
parent | 92dbb1895b84bc9412bea62ce11473daf4dd2618 (diff) | |
download | irssi-00c80cb6fcca40cfc421fe3fc181115ac4907191.zip |
fix out of bounds read in compress_colors
Reported by Hanno Böck.
Fixes GL#12
Diffstat (limited to 'src/fe-common')
-rw-r--r-- | src/fe-common/core/themes.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/fe-common/core/themes.c b/src/fe-common/core/themes.c index 2b1459be..cb1cce8f 100644 --- a/src/fe-common/core/themes.c +++ b/src/fe-common/core/themes.c @@ -587,7 +587,7 @@ static char *theme_format_compress_colors(THEME_REC *theme, const char *format) /* a normal character */ g_string_append_c(str, *format); format++; - } else { + } else if (format[1] != '\0') { /* %format */ format++; if (IS_OLD_FORMAT(*format, last_fg, last_bg)) { @@ -614,6 +614,11 @@ static char *theme_format_compress_colors(THEME_REC *theme, const char *format) last_bg = '\0'; } format++; + } else { + /* % at end of string */ + format++; + g_string_append_c(str, '%'); + g_string_append_c(str, '%'); } } |