From: David Levine <levinedl@acm.org>
Date: Tue, 2 Sep 2014 01:14:52 +0000 (-0500)
Subject: Don't let scan() use too large a width (BUFSIZ for now) to prevent
X-Git-Url: https://diplodocus.org/git/nmh/commitdiff_plain/105395ab9b3fb60628ff27062b6ce3f1f968021f?ds=sidebyside;hp=-c

Don't let scan() use too large a width (BUFSIZ for now) to prevent
allocating a huge output buffer.
---

105395ab9b3fb60628ff27062b6ce3f1f968021f
diff --git a/uip/scansbr.c b/uip/scansbr.c
index 2111bc16..3c6b771d 100644
--- a/uip/scansbr.c
+++ b/uip/scansbr.c
@@ -134,7 +134,7 @@ scan (FILE *inb, int innum, int outnum, char *nfs, int width, int curflg,
 	if (used_buf == NULL)
 	    adios (NULL, "unable to allocate component buffer stack");
 	used_buf += ncomps+1; *--used_buf = 0;
-	rlwidth = bodycomp && (width > SBUFSIZ) ? width : SBUFSIZ;
+	rlwidth = bodycomp && (width > SBUFSIZ) ? min (width, BUFSIZ) : SBUFSIZ;
 	for (i = ncomps; i--; )
 	    *nxtbuf++ = mh_xmalloc(rlwidth);
     }