Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
parsecfg: do not continue past a zero termination
When a config file line ends without newline, the parsing function could
continue reading beyond that point in memory.

Reported-by: Hanno Böck
  • Loading branch information
bagder committed Apr 17, 2015
1 parent 05e4137 commit 691a07d
Showing 1 changed file with 19 additions and 16 deletions.
35 changes: 19 additions & 16 deletions src/tool_parsecfg.c
Expand Up @@ -187,24 +187,27 @@ int parseconfig(const char *filename, struct GlobalConfig *global)
param = line; /* parameter starts here */
while(*line && !ISSPACE(*line))
line++;
*line = '\0'; /* zero terminate */

/* to detect mistakes better, see if there's data following */
line++;
/* pass all spaces */
while(*line && ISSPACE(*line))
line++;
if(*line) {
*line = '\0'; /* zero terminate */

switch(*line) {
case '\0':
case '\r':
case '\n':
case '#': /* comment */
break;
default:
warnf(operation->global, "%s:%d: warning: '%s' uses unquoted white "
"space in the line that may cause side-effects!\n",
filename, lineno, option);
/* to detect mistakes better, see if there's data following */
line++;
/* pass all spaces */
while(*line && ISSPACE(*line))
line++;

switch(*line) {
case '\0':
case '\r':
case '\n':
case '#': /* comment */
break;
default:
warnf(operation->global, "%s:%d: warning: '%s' uses unquoted "
"white space in the line that may cause side-effects!\n",
filename, lineno, option);
}
}
}

Expand Down

0 comments on commit 691a07d

Please sign in to comment.