[Seq-cvs-commit] SF.net SVN: seq:[1031] showeq/branches/pre_6_0_beta/src/eqstr.cpp

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Revision: 1031
          http://sourceforge.net/p/seq/svn/1031
Author:   cn187
Date:     2020-05-21 03:19:04 +0000 (Thu, 21 May 2020)
Log Message:
-----------
Fix crash due to buffer over-read in EQStr::formatMessage

Modified Paths:
--------------
    showeq/branches/pre_6_0_beta/src/eqstr.cpp

Modified: showeq/branches/pre_6_0_beta/src/eqstr.cpp
===================================================================

--- showeq/branches/pre_6_0_beta/src/eqstr.cpp	2020-05-20 21:24:04 UTC (rev 1030)
+++ showeq/branches/pre_6_0_beta/src/eqstr.cpp	2020-05-21 03:19:04 UTC (rev 1031)
@@ -155,7 +155,7 @@
 	unsigned char *cp;
 	tempStr.sprintf( "Unknown: %04x:", formatid);
 	cp = (unsigned char *) arguments;
-	while (cp < ((unsigned char *) &arguments[argsLen])) {
+	while (cp < ((unsigned char *) &arguments[argsLen] - sizeof(uint32_t)*sizeof(unsigned char))) {
 	    arg_len = (cp[0] << 0) | (cp[1] << 8) | (cp[2] << 16) | (cp[3] << 24);
 	    cp += 4;
 	    if (arg_len == 0)

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.



