
[bug-inetutils] [PATCH] Do not read beyond end of argv in ftp/main.c


From: Omer Anson
Subject: [bug-inetutils] [PATCH] Do not read beyond end of argv in ftp/main.c
Date: Wed, 21 Jun 2017 22:14:17 +0300

Currently, ftp/main.c populates xargv from argv, reading the next three
items regardless of whether they are defined or not (i.e. regardless of
the value of argc as long as it is positive). This may cause undefined
behaviour.

This change takes argc into account when populating xargv from argv.

This is version 2 of this patch, due to formatting changes. I apologize
for spamming.
---
 ftp/main.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/ftp/main.c b/ftp/main.c
index 4ccb079..ea9f735 100644
--- a/ftp/main.c
+++ b/ftp/main.c
@@ -285,17 +285,16 @@ main (int argc, char *argv[])
     }
   if (argc > 0)
     {
-      char *xargv[5];
+      char *xargv[5] = {0};
+      int cnt = 0;
 
       if (setjmp (toplevel))
        exit (EXIT_SUCCESS);
       signal (SIGINT, intr);
       signal (SIGPIPE, lostpeer);
       xargv[0] = program_invocation_name;
-      xargv[1] = argv[0];
-      xargv[2] = argv[1];
-      xargv[3] = argv[2];
-      xargv[4] = NULL;
+      for (cnt = 0; cnt < argc && cnt < 3; cnt++)
+        xargv[cnt+1] = argv[cnt];
       setpeer (argc + 1, xargv);
     }
   top = setjmp (toplevel) == 0;
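Review bot: the unchanged call `setpeer (argc + 1, xargv);` at the end of the block still passes a count derived from argc, so when argc is greater than 3 the count claims more entries than the loop stored in xargv (at most program_invocation_name plus three arguments, followed by the NULL left by the `= {0}` initializer). After the loop, cnt holds the number of arguments actually copied, so passing `cnt + 1` would keep the count and the array contents in agreement for every value of argc. A smaller point: the `= 0` in `int cnt = 0;` is redundant because the for statement assigns cnt before first use, and a short comment that the NULL terminator now comes from the zero initializer would help the next reader, since the explicit `xargv[4] = NULL;` is gone.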
-- 
2.4.11



