mirror/bbfdm
1
0
Fork 0
mirror of https://dev.iopsys.eu/bbf/bbfdm.git synced 2026-02-12 11:00:34 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

dm_strword: fix invalid memory access

Browse source 
Calling this dm_strword with an emtpy 'str' can cause invalid memory
access. This commit checks for an empty string.

NOTE: This function is insecure and can cause segfaults
      when 'str' is larger than 'source'

Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>
This commit is contained in:
Daniel Danzberger 2020-06-09 22:24:58 +02:00
parent 9ee0484353
commit 3b7fe9237b
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
libbbf_api/dmcommon.c
View file

@ -1137,8 +1137,10 @@ static inline int isword_delim(char c)
char *dm_strword(char *src, char *str)
{
char *ret = src;
if (src[0] == '\0')
if (src[0] == 0 || str[0] == 0)
return NULL;
int len = strlen(str);
while ((ret = strstr(ret, str)) != NULL) {
if ((ret == src && isword_delim(ret[len])) ||