compute the search match length correctly (found by oss-fuzzer)

author: Christos Zoulas <christos@zoulas.com> 2016-12-20 22:44:32 +0000
committer: Christos Zoulas <christos@zoulas.com> 2016-12-20 22:44:32 +0000
commit: fd1c514473926088320790496722029a529f1395 (patch)
tree: 1cff449d02ed5cb7d6cc8552e8a26bc5063af8e9
parent: a5d78ff6bf54c2c66c4203592b15e2cfcf018043 (diff)
download: file-git-fd1c514473926088320790496722029a529f1395.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/src/softmagic.c b/src/softmagic.c
index 165fa355..978962b4 100644
--- a/src/softmagic.c
+++ b/src/softmagic.c
@@ -32,7 +32,7 @@
 #include "file.h"
 
 #ifndef	lint
-FILE_RCSID("@(#)$File: softmagic.c,v 1.241 2016/12/20 13:29:20 christos Exp $")
+FILE_RCSID("@(#)$File: softmagic.c,v 1.242 2016/12/20 22:44:32 christos Exp $")
 #endif	/* lint */
 
 #include "magic.h"
@@ -1843,14 +1843,14 @@ magiccheck(struct magic_set *ms, struct magic *m)
 		v = 0;
 
 		for (idx = 0; m->str_range == 0 || idx < m->str_range; idx++) {
-			if (slen + idx > ms->search.s_len)
+			if (slen + idx >= ms->search.s_len)
 				break;
 
 			v = file_strncmp(m->value.s, ms->search.s + idx, slen,
 			    m->str_flags);
 			if (v == 0) {	/* found match */
 				ms->search.offset += idx;
-				ms->search.rm_len = m->str_range - idx;
+				ms->search.rm_len = ms->search.s_len - idx;
 				break;
 			}
 		}
author	Christos Zoulas <christos@zoulas.com>	2016-12-20 22:44:32 +0000
committer	Christos Zoulas <christos@zoulas.com>	2016-12-20 22:44:32 +0000
commit	fd1c514473926088320790496722029a529f1395 (patch)
tree	1cff449d02ed5cb7d6cc8552e8a26bc5063af8e9
parent	a5d78ff6bf54c2c66c4203592b15e2cfcf018043 (diff)
download	file-git-fd1c514473926088320790496722029a529f1395.tar.gz