From: Eric S. Raymond Date: Tue, 20 Jun 2017 11:20:03 +0000 (-0400) Subject: Fix off-by-one error that enabled the fuzzer to find a crash hole. X-Git-Tag: 1.1~202 X-Git-Url: https://jxself.org/git/?a=commitdiff_plain;h=018ca9ae373090cf8ed94d577232b8b02759f4c6;p=open-adventure.git Fix off-by-one error that enabled the fuzzer to find a crash hole. One has to allocate space for the trailing NUL, too. --- diff --git a/misc.c b/misc.c index 29846e2..71c7540 100644 --- a/misc.c +++ b/misc.c @@ -291,7 +291,7 @@ bool YES(const char* question, const char* yes_response, const char* no_response reply = get_input(); - char* firstword = (char*) xmalloc(strlen(reply)); + char* firstword = (char*) xmalloc(strlen(reply)+1); sscanf(reply, "%s", firstword); for (int i = 0; i < (int)strlen(firstword); ++i)
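Review bot: the return value of `sscanf(reply, "%s", firstword)`, on the line right after the corrected allocation, is still not checked. If `reply` is empty or contains only whitespace, `%s` matches nothing and `firstword` is never written, so the `strlen(firstword)` in the following `for` loop reads whatever the allocator returned (unless `xmalloc` zeroes its memory, which these lines do not show). Either set `firstword[0] = '\0';` right after the `xmalloc` call or re-prompt when `sscanf` does not return 1. The `+1` itself is the right size: the first whitespace-delimited word can be at most `strlen(reply)` bytes, plus the NUL that `%s` appends. Separately, the visible context passes `reply` to `strlen` with no NULL test after `get_input()`; if that function can return NULL at end of input, a check belongs before the allocation.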