diff options
| author |   Fabian Groffen <grobian@gentoo.org> | 2024-02-01 09:19:01 +0100 |
|---|---|---|
| committer | Fabian Groffen <grobian@gentoo.org> | 2024-02-01 09:19:01 +0100 |
| commit | b4ace2f3443e6746a54eb14c7f50aa719540181c (patch) | |
| tree | 700022599d3014273e3d0701902ec908a4d242aa | |
| parent | libq/contents: add variant specifying buffer length (diff) | |
| download | portage-utils-b4ace2f3443e6746a54eb14c7f50aa719540181c.tar.gz portage-utils-b4ace2f3443e6746a54eb14c7f50aa719540181c.tar.bz2 portage-utils-b4ace2f3443e6746a54eb14c7f50aa719540181c.zip | |
libq/contents: fix invalid access problem pointed out by valgrind
len represents the entire string length, but we start scanning after the
line identifier, so substract that size from len, such that we don't
start scanning after the end of the input string.
Signed-off-by: Fabian Groffen <grobian@gentoo.org>
| -rw-r--r-- | libq/contents.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/libq/contents.c b/libq/contents.c index feb1c0ba..6ec44915 100644 --- a/libq/contents.c +++ b/libq/contents.c @@ -34,6 +34,9 @@ contents_parse_line_len(char *line, size_t len) len--; } + if (len <= 4) /* minimal: "dir /" */ + return NULL; + memset(&e, 0x00, sizeof(e)); e._data = line; @@ -47,6 +50,7 @@ contents_parse_line_len(char *line, size_t len) return NULL; e.name = e._data + 4; + len -= 4; switch (e.type) { /* dir /bin */ |