dquote.c: Prevent possible out-of-bounds read

This code read a byte that was potentially out-of-bounds. I don't know how it could get this far, but maybe some fuzzing code could get it.
author: Karl Williamson <khw@cpan.org> 2019-03-19 12:21:49 -0600
committer: Karl Williamson <khw@cpan.org> 2019-03-19 12:50:49 -0600
commit: 83a1b28e808bee1a60973291307e3ce0cb77aad5 (patch)
tree: 880ca94bc78377373f292ce185d719be6b6b1d62 /dquote.c
parent: e750debb242ae6fdd7b786405ba167620fb77a2d (diff)
download: perl-83a1b28e808bee1a60973291307e3ce0cb77aad5.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/dquote.c b/dquote.c
index 17857dd175..bed6624e51 100644
--- a/dquote.c
+++ b/dquote.c
@@ -106,7 +106,7 @@ Perl_grok_bslash_o(pTHX_ char **s, const char * const send, UV *uv,
     assert(* *s       == 'o');
     (*s)++;
 
-    if (**s != '{') {
+    if (send <= *s || **s != '{') {
 	*error_msg = "Missing braces on \\o{}";
 	return FALSE;
     }
author	Karl Williamson <khw@cpan.org>	2019-03-19 12:21:49 -0600
committer	Karl Williamson <khw@cpan.org>	2019-03-19 12:50:49 -0600
commit	83a1b28e808bee1a60973291307e3ce0cb77aad5 (patch)
tree	880ca94bc78377373f292ce185d719be6b6b1d62 /dquote.c
parent	e750debb242ae6fdd7b786405ba167620fb77a2d (diff)
download	perl-83a1b28e808bee1a60973291307e3ce0cb77aad5.tar.gz