From cdabbecd375be45f13b5e4f8c37053c96cd81499 Mon Sep 17 00:00:00 2001 From: Colomban Wendling Date: Sun, 24 Jan 2016 15:26:11 +0100 Subject: [PATCH] read: Avoid possible NULL dereference in getNthPrevCFromInputFile() Also, don't perform subtractions to check pointer bounds, to avoid unsigned value wraparound. This is very unlikely as it would either mean a very large `nth` value or a very small value for the current line pointer, but better safe than sorry. --- tagmanager/ctags/read.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tagmanager/ctags/read.c b/tagmanager/ctags/read.c index 038410f8..5a1f2ce7 100644 --- a/tagmanager/ctags/read.c +++ b/tagmanager/ctags/read.c @@ -506,9 +506,10 @@ extern int fileGetc (void) extern int fileGetNthPrevC (unsigned int nth, int def) { const unsigned char *base = (unsigned char *) vStringValue (File.line); + const unsigned int offset = File.ungetchIdx + 1 + nth; - if (File.currentLine - File.ungetchIdx - 1 - nth >= base) - return (int) *(File.currentLine - File.ungetchIdx - 1 - nth); + if (File.currentLine != NULL && File.currentLine >= base + offset) + return (int) *(File.currentLine - offset); else return def; }