|
|
This bug could be reproduced with something like
$ bfs -samefile $'\xFA\xFA'
bfs: error: bfs: dstrnescat@src/dstring.c:252: wordesc() result truncated
or worse, with -DNDEBUG,
$ bfs -samefile $'.....................\xFA\xFA'
bfs: error: bfs -samefile $'.....................\xFA\xFA\x00\x55\x53\x45\x52\x3D\x74\x61\x76\x69\x61\x6E\x61\x74\x6F\x72
bfs: error: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bfs: error: No such file or directory.
which prints the memory after the end of the string (in this case, the
environment variable USER=tavianator).
The bug was caused by the line `*i += len`, which was intended to be
`*i = len`. But actually, the right behaviour seems to be `*i += 1`.
Fixes: 19c96abe0a1ee56cf206fd5e87defb1fd3e0daa5
|
