From 6c0823454ef075fedacf0b155e088ffc447985d6 Mon Sep 17 00:00:00 2001 From: yefeng Date: Wed, 20 Apr 2022 13:43:22 +0800 Subject: [PATCH] Fix stack-buffer-overflow at zlog_conf_build_with_file -#53811 --- src/conf.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/conf.c b/src/conf.c index a947178..258a59a 100644 --- a/src/conf.c +++ b/src/conf.c @@ -276,6 +276,7 @@ static int zlog_conf_build_with_file(zlog_conf_t * a_conf) */ pline = line; memset(&line, 0x00, sizeof(line)); + //循环读取配置文件的一行 while (fgets((char *)pline, sizeof(line) - (pline - line), fp) != NULL) { ++line_no; line_len = strlen(pline); @@ -304,12 +305,13 @@ static int zlog_conf_build_with_file(zlog_conf_t * a_conf) for (p = pline + strlen(pline) - 1; isspace((int)*p); --p) /*EMPTY*/; + //处理结束符为 '\\' 的特殊情况, 在这种情况下,当前行与下面一行并做一行处理 if (*p == '\\') { if ((p - line) > MAXLEN_CFG_LINE - 30) { /* Oops the buffer is full - what now? */ pline = line; } else { - for (p--; isspace((int)*p); --p) + for(p--; p >= line && isspace((int)*p); --p) /*EMPTY*/; p++; *p = 0; -- 2.31.1