diff options
| author | William Bader <williambader@hotmail.com> | 2020-10-22 22:55:28 +0000 |
|---|---|---|
| committer | Matěj Cepl <mcepl@cepl.eu> | 2024-05-19 08:27:32 +0200 |
| commit | 67ccb0444a64ca650a6e446a3d120d69a537c573 (patch) | |
| tree | efdb45351b457d3f389ebc042444776a207af429 /externs.h | |
| parent | eb3942e15700f3f4f61b4e46917ae8fbe614e524 (diff) | |
| download | lout-CVE-2019-19918_CVE-2019-19918.tar.gz | |
fix for CVE-2019-19917 and CVE-2019-19918CVE-2019-19918_CVE-2019-19918
The one in StringQuotedWord was more complicated because it was
due to a string longer than MAX_BUFF, and when I fixed the access
there, other places had errors.
The one in srcnext needed only an extra test in a loop.
I tested the manual in doc/user before and after, and the only
differences seemed to be places that embedded the current time.
Diffstat (limited to 'externs.h')
| -rw-r--r-- | externs.h | 4 |
1 files changed, 4 insertions, 0 deletions
@@ -260,6 +260,9 @@ If you're compiling this, you've got the wrong settings in the makefile! /* that can appear correctly on one page. Can be */ /* increased to any small positive integer. */ /* */ +/* MAX_FORMAT The maximum number of characters for sscanf formats */ +/* for splitting strings with tab-delimited fields. */ +/* */ /*****************************************************************************/ #define MAX_FULL_LENGTH 8388607 /* 2**23 - 1, about 148 metres */ @@ -275,6 +278,7 @@ If you're compiling this, you've got the wrong settings in the makefile! #define MAX_LEX_STACK 20 #define MAX_CHARS 256 #define MAX_HCOPIES 3 +#define MAX_FORMAT 100 /*****************************************************************************/ /* */ |