From 99f8fc995b2f080cc0a6fe934c8d9c777edc3751 Mon Sep 17 00:00:00 2001
From: Pamplemousse <xav.maso@gmail.com>
Date: Tue, 13 Jul 2021 14:23:24 -0700
Subject: [PATCH] libexpr: Fix read out-of-bound on the heap

Signed-off-by: Pamplemousse <xav.maso@gmail.com>
---
 src/libexpr/lexer.l | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/libexpr/lexer.l b/src/libexpr/lexer.l
index 7298419d9..27975dc9e 100644
--- a/src/libexpr/lexer.l
+++ b/src/libexpr/lexer.l
@@ -38,11 +38,13 @@ static void adjustLoc(YYLTYPE * loc, const char * s, size_t len)
     loc->first_line = loc->last_line;
     loc->first_column = loc->last_column;
 
-    while (len--) {
+    for (size_t i = 0; i < len; i++) {
        switch (*s++) {
        case '\r':
-           if (*s == '\n') /* cr/lf */
+           if (*s == '\n') { /* cr/lf */
+               i++;
                s++;
+           }
            /* fall through */
        case '\n':
            ++loc->last_line;