Date: Thu, 21 Aug 2014 02:40:34 +0000 (UTC) From: "Pedro F. Giffuni" <pfg@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r270256 - in head: bin/ed libexec/rtld-elf usr.bin/mail Message-ID: <201408210240.s7L2eYju076100@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: pfg Date: Thu Aug 21 02:40:33 2014 New Revision: 270256 URL: http://svnweb.freebsd.org/changeset/base/270256 Log: Always check the limits of array index variables before using them. Obtained from: DragonFlyBSD MFC after: 1 week Modified: head/bin/ed/cbc.c head/libexec/rtld-elf/libmap.c head/usr.bin/mail/edit.c Modified: head/bin/ed/cbc.c ============================================================================== --- head/bin/ed/cbc.c Thu Aug 21 01:07:27 2014 (r270255) +++ head/bin/ed/cbc.c Thu Aug 21 02:40:33 2014 (r270256) @@ -237,7 +237,7 @@ expand_des_key(char *obuf, char *kbuf) /* * now translate it, bombing on any illegal hex digit */ - for (i = 0; kbuf[i] && i < 16; i++) + for (i = 0; i < 16 && kbuf[i]; i++) if ((nbuf[i] = hex_to_binary((int) kbuf[i], 16)) == -1) des_error("bad hex digit in key"); while (i < 16) Modified: head/libexec/rtld-elf/libmap.c ============================================================================== --- head/libexec/rtld-elf/libmap.c Thu Aug 21 01:07:27 2014 (r270255) +++ head/libexec/rtld-elf/libmap.c Thu Aug 21 02:40:33 2014 (r270256) @@ -216,14 +216,14 @@ lmc_parse(char *lm_p, size_t lm_len) p = NULL; while (cnt < lm_len) { i = 0; - while (lm_p[cnt] != '\n' && cnt < lm_len && + while (cnt < lm_len && lm_p[cnt] != '\n' && i < sizeof(line) - 1) { line[i] = lm_p[cnt]; cnt++; i++; } line[i] = '\0'; - while (lm_p[cnt] != '\n' && cnt < lm_len) + while (cnt < lm_len && lm_p[cnt] != '\n') cnt++; /* skip over nl */ cnt++; Modified: head/usr.bin/mail/edit.c ============================================================================== --- head/usr.bin/mail/edit.c Thu Aug 21 01:07:27 2014 (r270255) +++ head/usr.bin/mail/edit.c Thu Aug 21 02:40:33 2014 (r270256) @@ -81,7 +81,7 @@ edit1(int *msgvec, int type) /* * Deal with each message to be edited . . . */ - for (i = 0; msgvec[i] && i < msgCount; i++) { + for (i = 0; i < msgCount && msgvec[i]; i++) { sig_t sigint; if (i > 0) {
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201408210240.s7L2eYju076100>