From 0533f3f67e72ef3f77130fbbf17590da6e7af932 Mon Sep 17 00:00:00 2001
From: rh0 <rh0x0@protonmail.com>
Date: Mon, 30 Sep 2024 21:57:37 +0200
Subject: [PATCH] OOB fix in set_abort_reason_auxiliary_buffer

passing a message size larger than the size of the msg buffer to
set_abort_reason_auxiliary_buffer() may lead to an out-of-bounds read.
---
 nyx/helpers.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/nyx/helpers.c b/nyx/helpers.c
index 20e7203402..c0c64587db 100644
--- a/nyx/helpers.c
+++ b/nyx/helpers.c
@@ -28,6 +28,8 @@ void nyx_abort(const char *fmt, ...)
     msglen = vsnprintf(msg, sizeof(msg), fmt, ap);
     va_end(ap);
 
+    msglen = MIN(msglen, sizeof(msg));
+
     nyx_error("%s\n", msg);
     set_abort_reason_auxiliary_buffer(GET_GLOBAL_STATE()->auxilary_buffer, msg,
                                       msglen);