Fix off-by-one check that can lead to a memory overflow in ecpg.

Michael Meskes · Michael Meskes · commit e7e71b9e1ecb · 2019-04-11T21:05:39.000+02:00
Patch by Liu Huailing &lt;liuhuailing@cn.fujitsu.com&gt;
diff --git a/src/interfaces/ecpg/preproc/pgc.l b/src/interfaces/ecpg/preproc/pgc.l
@@ -1411,7 +1411,7 @@ parse_include(void)
 
 		for (ip = include_paths; yyin == NULL && ip != NULL; ip = ip->next)
 		{
-			if (strlen(ip->path) + strlen(yytext) + 3 > MAXPGPATH)
+			if (strlen(ip->path) + strlen(yytext) + 4 > MAXPGPATH)
 			{
 				fprintf(stderr, _("Error: include path \"%s/%s\" is too long on line %d, skipping\n"), ip->path, yytext, yylineno);
 				continue;

Original file line number	Diff line number	Diff line change
`@@ -1411,7 +1411,7 @@ parse_include(void)`
`1411`	`1411`
`1412`	`1412`	`for (ip = include_paths; yyin == NULL && ip != NULL; ip = ip->next)`
`1413`	`1413`	`{`
`1414`		`- if (strlen(ip->path) + strlen(yytext) + 3 > MAXPGPATH)`
	`1414`	`+ if (strlen(ip->path) + strlen(yytext) + 4 > MAXPGPATH)`
`1415`	`1415`	`{`
`1416`	`1416`	`fprintf(stderr, _("Error: include path \"%s/%s\" is too long on line %d, skipping\n"), ip->path, yytext, yylineno);`
`1417`	`1417`	`continue;`