path: root/src
diff options
authorHolger Hans Peter Freyther <holger@moiji-mobile.com>2015-04-05 14:36:31 +0200
committerHolger Hans Peter Freyther <holger@moiji-mobile.com>2015-04-05 14:40:10 +0200
commit5fb265eaa725928b59b44aa9bfe8959256014ba1 (patch)
tree8b583430fe6b7598beac1cd855dca0c2d20793b8 /src
parent4e0543f730b255849305787ecce89867e89f40f8 (diff)
ctrl: Avoid accessing cmd_desc->command out of bounds
We check that the amount of commands is not more than we have but we don't check it the other way. It appears that the vector is allowed to be bigger than the amount of commands. So we match a prefix of a longer command depending on the installation order.
Diffstat (limited to 'src')
1 files changed, 1 insertions, 1 deletions
diff --git a/src/ctrl/control_cmd.c b/src/ctrl/control_cmd.c
index 4e156b81..3dbcf8f6 100644
--- a/src/ctrl/control_cmd.c
+++ b/src/ctrl/control_cmd.c
@@ -86,7 +86,7 @@ static struct ctrl_cmd_element *ctrl_cmd_get_element_match(vector vline, vector
cmd_desc = &cmd_el->strcmd;
if (cmd_desc->nr_commands > vector_active(vline))
- for (j =0; j < vector_active(vline); j++) {
+ for (j =0; j < vector_active(vline) && j < cmd_desc->nr_commands; j++) {
str = vector_slot(vline, j);
desc = cmd_desc->command[j];
if (desc[0] == '*')