commit: b4ace2f3443e6746a54eb14c7f50aa719540181c
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Thu Feb 1 08:19:01 2024 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Thu Feb 1 08:19:01 2024 +0000
URL: https://gitweb.gentoo.org/proj/portage-utils.git/commit/?id=b4ace2f3
libq/contents: fix invalid access problem pointed out by valgrind
len represents the entire string length, but we start scanning after the
line identifier, so substract that size from len, such that we don't
start scanning after the end of the input string.
Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org>
libq/contents.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/libq/contents.c b/libq/contents.c
index feb1c0b..6ec4491 100644
--- a/libq/contents.c
+++ b/libq/contents.c
@@ -34,6 +34,9 @@ contents_parse_line_len(char *line, size_t len)
len--;
}
+ if (len <= 4) /* minimal: "dir /" */
+ return NULL;
+
memset(&e, 0x00, sizeof(e));
e._data = line;
@@ -47,6 +50,7 @@ contents_parse_line_len(char *line, size_t len)
return NULL;
e.name = e._data + 4;
+ len -= 4;
switch (e.type) {
/* dir /bin */
