sadc: Fix insecure data handling, really

Commit 7ebfd7e checked upper bounds of values read from a possibly tainted data file. Add a lower bounds check to really fix the insecure data handling. CID #29720. Signed-off-by: Sebastien GODARD <sysstat@users.noreply.github.com>
sysstat · Oct 25, 2015 · c99a15a · c99a15a
1 parent c9e9693
commit c99a15a
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/sadc.c b/sadc.c
@@ -925,11 +925,11 @@ void open_ofile(int *ofd, char ofile[], int restart_mark)
 			 */
 			goto append_error;
 
-		if (!file_act[i].nr || !file_act[i].nr2 ||
+		if ((file_act[i].nr <= 0) || (file_act[i].nr2 <= 0) ||
 		    (file_act[i].nr > act[p]->nr_max) ||
 		    (file_act[i].nr2 > NR2_MAX)) {
 			/*
-			 * Number of items and subitems should never be null,
+			 * Number of items and subitems should never be zero (or negative)
 			 * or greater than their upper limit.
 			 */
 			goto append_error;