From 691a07dac6df0a827aa3f0b3e21000cdb362a7fb Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 17 Apr 2015 00:38:50 +0200 Subject: [PATCH] parsecfg: do not continue past a zero termination MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When a config file line ends without newline, the parsing function could continue reading beyond that point in memory. Reported-by: Hanno Böck --- src/tool_parsecfg.c | 35 +++++++++++++++++++---------------- 1 file changed, 19 insertions(+), 16 deletions(-) diff --git a/src/tool_parsecfg.c b/src/tool_parsecfg.c index fabdbc20b6c580..4c25ddbd511a1e 100644 --- a/src/tool_parsecfg.c +++ b/src/tool_parsecfg.c @@ -187,24 +187,27 @@ int parseconfig(const char *filename, struct GlobalConfig *global) param = line; /* parameter starts here */ while(*line && !ISSPACE(*line)) line++; - *line = '\0'; /* zero terminate */ - /* to detect mistakes better, see if there's data following */ - line++; - /* pass all spaces */ - while(*line && ISSPACE(*line)) - line++; + if(*line) { + *line = '\0'; /* zero terminate */ - switch(*line) { - case '\0': - case '\r': - case '\n': - case '#': /* comment */ - break; - default: - warnf(operation->global, "%s:%d: warning: '%s' uses unquoted white " - "space in the line that may cause side-effects!\n", - filename, lineno, option); + /* to detect mistakes better, see if there's data following */ + line++; + /* pass all spaces */ + while(*line && ISSPACE(*line)) + line++; + + switch(*line) { + case '\0': + case '\r': + case '\n': + case '#': /* comment */ + break; + default: + warnf(operation->global, "%s:%d: warning: '%s' uses unquoted " + "white space in the line that may cause side-effects!\n", + filename, lineno, option); + } } }