From cef3566998fcae6936d781e678c309950a8a5787 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Fri, 3 Oct 2014 20:57:30 -0400 Subject: [PATCH] sd-id128: do stricter checking of random boot id If we are bothering to check whether the kernel is not feeding us bad data, we might as well do it properly. CID #1237692. --- src/libsystemd/sd-id128/sd-id128.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git src/libsystemd/sd-id128/sd-id128.c src/libsystemd/sd-id128/sd-id128.c index a1e44e6..233ffa0 100644 --- src/libsystemd/sd-id128/sd-id128.c +++ src/libsystemd/sd-id128/sd-id128.c @@ -183,11 +183,14 @@ _public_ int sd_id128_get_boot(sd_id128_t *ret) { for (j = 0, p = buf; j < 16; j++) { int a, b; - if (p >= buf + k) + if (p >= buf + k - 1) return -EIO; - if (*p == '-') + if (*p == '-') { p++; + if (p >= buf + k - 1) + return -EIO; + } a = unhexchar(p[0]); b = unhexchar(p[1]); -- 1.7.9.2