Permalink
Browse files

parsecfg: do not continue past a zero termination

When a config file line ends without newline, the parsing function could
continue reading beyond that point in memory.

Reported-by: Hanno Böck
  • Loading branch information...
bagder committed Apr 16, 2015
1 parent 05e4137 commit 691a07dac6df0a827aa3f0b3e21000cdb362a7fb
Showing with 19 additions and 16 deletions.
  1. +19 −16 src/tool_parsecfg.c
@@ -187,24 +187,27 @@ int parseconfig(const char *filename, struct GlobalConfig *global)
param = line; /* parameter starts here */
while(*line && !ISSPACE(*line))
line++;
*line = '\0'; /* zero terminate */

/* to detect mistakes better, see if there's data following */
line++;
/* pass all spaces */
while(*line && ISSPACE(*line))
line++;
if(*line) {
*line = '\0'; /* zero terminate */

switch(*line) {
case '\0':
case '\r':
case '\n':
case '#': /* comment */
break;
default:
warnf(operation->global, "%s:%d: warning: '%s' uses unquoted white "
"space in the line that may cause side-effects!\n",
filename, lineno, option);
/* to detect mistakes better, see if there's data following */
line++;
/* pass all spaces */
while(*line && ISSPACE(*line))
line++;

switch(*line) {
case '\0':
case '\r':
case '\n':
case '#': /* comment */
break;
default:
warnf(operation->global, "%s:%d: warning: '%s' uses unquoted "
"white space in the line that may cause side-effects!\n",
filename, lineno, option);
}
}
}

0 comments on commit 691a07d

Please sign in to comment.