sort: fix very-unlikely buffer overrun when merging to input file

* src/sort.c (avoid_trashing_input): Fix a typo that could cause a
buffer overrun in theory.  In practice this is extremely unlikely,
as it requires running out of file descriptors in a small merge,
presumably because some other process is hogging all the OS's file
descriptors.

diff --git a/src/sort.c b/src/sort.c
index 63162ea..3321ddb 100644 (file)
--- a/src/sort.c
+++ b/src/sort.c
@@ -3613,9 +3613,8 @@ avoid_trashing_input (struct sortfile *files, size_t ntemps,
               files[i].name = temp;
               files[i].pid = pid;
 
-              if (i + num_merged < nfiles)
-                memmove (&files[i + 1], &files[i + num_merged],
-                         num_merged * sizeof *files);
+              memmove (&files[i + 1], &files[i + num_merged],
+                       (nfiles - (i + num_merged)) * sizeof *files);
               ntemps += 1;
               nfiles -= num_merged - 1;;
               i += num_merged;