7fb961dd60
actually read already. Albeit it's not damaging to copy zero data for bufend == crec->data case, the buffer end could also be between memory position 'crec' and 'crec->data'. Thus, we could end up with negative 'bufend - crec->data' value, and obvious havoc. This change fixes lib/12673, though the problem was masked and no longer repeatable with the provided example after the recent buffer size bump. The change was tested with the buffer size change backed off, and really fixes the problem in the PR. |
||
---|---|---|
.. | ||
append.c | ||
extern.h | ||
fields.c | ||
files.c | ||
fsort.c | ||
fsort.h | ||
init.c | ||
Makefile | ||
msort.c | ||
pathnames.h | ||
sort.1 | ||
sort.c | ||
sort.h | ||
tmp.c |