From dc617a2f2d31e4c448b806791b3f8736cf9d1ffb Mon Sep 17 00:00:00 2001
From: Rolf Eike Beer <eike@sf-mail.de>
Date: Tue, 12 May 2020 20:06:38 +0200
Subject: [PATCH 2/4] fix possible signed integer overflow in commands()
 (CVE-2005-1514)

Fix it as suggested by the Qualys Security Advisory team.
---
 commands.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/commands.c b/commands.c
index b0d3f61..90a50c9 100644
--- a/commands.c
+++ b/commands.c
@@ -10,16 +10,17 @@ int commands(ss,c)
 substdio *ss;
 struct commands *c;
 {
-  int i;
+  unsigned int i;
   char *arg;
 
   for (;;) {
     if (!stralloc_copys(&cmd,"")) return -1;
 
     for (;;) {
+      int j;
       if (!stralloc_readyplus(&cmd,1)) return -1;
-      i = substdio_get(ss,cmd.s + cmd.len,1);
-      if (i != 1) return i;
+      j = substdio_get(ss,cmd.s + cmd.len,1);
+      if (j != 1) return j;
       if (cmd.s[cmd.len] == '\n') break;
       ++cmd.len;
     }
-- 
2.26.1