From 5a4369dd279b1ee50779ae4ab16daaa035eeeb69 Mon Sep 17 00:00:00 2001
From: Quentin Carbonneaux
Date: Wed, 28 Jul 2021 00:53:09 +0200
Subject: fix buffer overflow in parser (afl)

Reported by Alessandro Mantovani. Overly long function names would trigger out-of-bounds accesses.
---
 parse.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/parse.c b/parse.c
index 48f2f6e..a7e4452 100644
--- a/parse.c
+++ b/parse.c
@@ -813,7 +813,7 @@ parsefn(int export)
 rcls = 5;
 if (next() != Tglo)
 err("function name expected");
- strcpy(curf->name, tokval.str);
+ strncpy(curf->name, tokval.str, NString-1);
 curf->vararg = parserefl(0);
 if (nextnl() != Tlbrace)
 err("function body must start with {");
--
cgit 1.4.1
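Review bot: The new `strncpy(curf->name, tokval.str, NString-1);` bounds the copy but writes no terminator when the token is NString-1 bytes or longer, so `curf->name` is a valid string only if its last byte is already zero; the allocation of `curf` is outside this hunk, so that cannot be confirmed here. An over-long name is also truncated silently, which could let two distinct long function names collapse to the same symbol. Rejecting the input fits the error style already used around it: `if (strlen(tokval.str) >= NString) err("function name too long");` before the copy, or at minimum `curf->name[NString-1] = 0;` after it. This assumes `curf->name` is declared with NString bytes; parsefn's body starts and ends outside the hunk.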