From 0982bfd9997d73bae1257da56413898f5f8d97fe Mon Sep 17 00:00:00 2001
From: Willy Tarreau
Date: Sun, 11 Aug 2024 14:44:28 +0200
Subject: [PATCH] BUG/MINOR: tools: make fgets_from_mem() stop at the end of the input

The memchr() used to look for the LF character must consider the end of input, not just the output buffer size. This was found by oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=71096 No backport is needed.
---
 src/tools.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/tools.c b/src/tools.c
index 220f3fec25b00..15756c880bd4a 100644
--- a/src/tools.c
+++ b/src/tools.c
@@ -6681,6 +6681,9 @@ char *fgets_from_mem(char* buf, int size, const char **position, const char *end
 return NULL;

 size--; /* keep fgets behaviour, reads at most one less than size */
+ if (size > end - *position)
+ size = end - *position;
+
 new_pos = memchr(*position, '\n', size);
 if (new_pos) {
 /* '+1' to grab and copy '\n' at the end of line */
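Review bot: The added clamp is only safe while `end >= *position`. If `*position` were ever past `end`, `end - *position` is negative, `size` is assigned that negative value, and the `memchr()` on the following line receives it converted to a very large `size_t`, which is the over-read this patch is meant to prevent. The guard before the hunk is not visible here (only its `return NULL;` is), so please confirm it rejects `*position >= end`; if it tests only for equality, widening it would close the gap. The narrowing from `ptrdiff_t` to `int` is bounded by the comparison, and a short comment above the `if` would record that, e.g. `/* never let memchr() look past the end of the input; the difference fits in an int here */`. The body of fgets_from_mem() starts and ends outside this hunk.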