From 465d5402f29e0927a5ed2f06aa1b640bb792f96b Mon Sep 17 00:00:00 2001
From: outfoxxed
Date: Mon, 2 Sep 2024 22:19:36 -0700
Subject: [PATCH] crash: fix off-end read when copying environ array
---
 src/crash/handler.cpp | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/crash/handler.cpp b/src/crash/handler.cpp
index 31f51826..1f300cc9 100644
--- a/src/crash/handler.cpp
+++ b/src/crash/handler.cpp
@@ -126,8 +126,10 @@ bool CrashHandlerPrivate::minidumpCallback(
 auto populateEnv = [&]() {
 auto senvi = 0;
- while (envi < 4095) {
- env[envi++] = environ[senvi++]; // NOLINT
+ while (envi != 4095) {
+ auto var = environ[senvi++]; // NOLINT
+ if (var == nullptr) break;
+ env[envi++] = var;
 }
 env[envi] = nullptr;
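Review bot: The new loop condition `while (envi != 4095)` stops only when envi lands exactly on 4095, so it no longer bounds the write into `env` if envi ever starts above that value. envi is captured by reference and set outside this hunk; if it can already exceed 4095 when populateEnv runs, the loop would keep storing past the array until environ's terminator is reached. Keeping the relational form, `while (envi < 4095) {`, retains the nullptr fix and the upper bound together. The literal would also be safer derived from the declared size of `env` (presumably 4096 slots, not visible here) than repeated by hand. Both the populateEnv lambda and minidumpCallback extend outside the hunk, so the starting value of envi could not be confirmed.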