diff options
| author | Andreas Kling <kling@serenityos.org> | 2020-11-14 11:23:39 +0100 |
|---|---|---|
| committer | Andreas Kling <kling@serenityos.org> | 2020-11-14 11:23:39 +0100 |
| commit | a65e7db533adb567b05859a574042b76e5912a6c (patch) | |
| tree | 112b01bc555353b6ce773749756a3b6b81147ce4 /Libraries | |
| parent | abe9cec612bf95f76451beb8e7bdc7f9c7edb0b3 (diff) | |
| download | serenity-a65e7db533adb567b05859a574042b76e5912a6c.zip | |
LibC: Fix OOB access in strerror() with invalid input
Calling strerror() with a negative number should not access below the
error string array.
Found by running GCC in UE. :^)
Diffstat (limited to 'Libraries')
| -rw-r--r-- | Libraries/LibC/string.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/Libraries/LibC/string.cpp b/Libraries/LibC/string.cpp index 5bd872d4f8..56eadb2c26 100644 --- a/Libraries/LibC/string.cpp +++ b/Libraries/LibC/string.cpp @@ -372,7 +372,7 @@ int sys_nerr = EMAXERRNO; char* strerror(int errnum) { - if (errnum >= EMAXERRNO) { + if (errnum < 0 || errnum >= EMAXERRNO) { printf("strerror() missing string for errnum=%d\n", errnum); return const_cast<char*>("Unknown error"); } |