From ff38047b0c077d354535a4920d1f84bed45d87f0 Mon Sep 17 00:00:00 2001
From: John Baldwin <jhb@FreeBSD.org>
Date: Tue, 1 Sep 2020 16:20:42 +0000
Subject: [PATCH] Fix a buffer overrun.

getln() returns 'len' valid characters.  line[len] is out of bounds.

Reported by:	CHERI
Reviewed by:	brooks
Obtained from:	CheriBSD
MFC after:	2 weeks
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D26197
---
 lib/libc/tests/resolv/resolv_test.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/libc/tests/resolv/resolv_test.c b/lib/libc/tests/resolv/resolv_test.c
index 1da42e3bcd18..6668ad722e0c 100644
--- a/lib/libc/tests/resolv/resolv_test.c
+++ b/lib/libc/tests/resolv/resolv_test.c
@@ -76,15 +76,15 @@ load(const char *fname)
 	if ((fp = fopen(fname, "r")) == NULL)
 	ATF_REQUIRE(fp != NULL);
 	while ((line = fgetln(fp, &len)) != NULL) {
-		char c = line[len];
+		char c = line[len - 1];
 		char *ptr;
-		line[len] = '\0';
+		line[len - 1] = '\0';
 		for (ptr = strtok(line, WS); ptr; ptr = strtok(NULL, WS)) {
 			if (ptr == '\0' || ptr[0] == '#')
 				continue;
 			sl_add(hosts, strdup(ptr));
 		}
-		line[len] = c;
+		line[len - 1] = c;
 	}
 
 	(void)fclose(fp);