Commit 260cd3394d45bd51f2002936a63401419658ecd7

dtldarek 2021-08-25T15:02:38

Fix buffer overflow on input found with fuzzing (in c-string format): "\n# h1\nc hh##e2ked\n\n A | rong__ ___strong \u0000\u0000\u0000\u0000\u0000\u0000\a\u0000\u0000\u0000\u0000\n# h1\nh# #2\n### h3\n#### h4\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\\\n##### h5\n#*#####\u0000\n6"

diff --git a/src/md4c.c b/src/md4c.c
index 2864010..3565ddf 100644
--- a/src/md4c.c
+++ b/src/md4c.c
@@ -5685,6 +5685,7 @@ md_is_container_mark(MD_CTX* ctx, unsigned indent, OFF beg, OFF* p_end, MD_CONTA
         off++;
     }
     if(off > beg  &&
+       off < ctx->size  &&
        (CH(off) == _T('.') || CH(off) == _T(')'))  &&
        (off+1 >= ctx->size || ISBLANK(off+1) || ISNEWLINE(off+1)))
     {
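Review bot: The added `off < ctx->size` bound covers only the `CH(off)` reads in this condition, while the loop that closes just above it (its head is outside the hunk) is what advances `off`. If that loop's condition reads the character at `off` before comparing against `ctx->size`, the same out-of-bounds read could still occur one step earlier, so it is worth confirming that the loop's limit is clamped to `ctx->size`. The invariant should also be stated next to the new check, e.g. `/* off may equal ctx->size when the scan above runs to the end of the input */`. The fuzzer input quoted in the commit message would make a useful regression test, ideally run under AddressSanitizer so an over-read fails loudly. `md_is_container_mark` starts and ends outside the hunk.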