From 664b8603a1b6dc94d199496dc4b372b285fa89fd Mon Sep 17 00:00:00 2001 From: John MacFarlane Date: Fri, 20 Jan 2017 20:14:46 +0100 Subject: Fixed buffer overflow error in S_parser_feed. The overflow could occur in the following condition: the buffer ends with `\r` and the next memory address contains `\n`. Closes #184. --- src/blocks.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/blocks.c') diff --git a/src/blocks.c b/src/blocks.c index 99dd082..051d2e8 100644 --- a/src/blocks.c +++ b/src/blocks.c @@ -580,7 +580,7 @@ static void S_parser_feed(cmark_parser *parser, const unsigned char *buffer, if (buffer == end) parser->last_buffer_ended_with_cr = true; } - if (*buffer == '\n') + if (buffer < end && *buffer == '\n') buffer++; } } -- cgit v1.2.3