Hello,
this is a small fix for arg.h where it's possible to perform an
out-of-boundary memory access in argv's internal string. In particular,
this is a fix for sbase's arg.h, but I've also seen it in st repo, and I
suppose that this "bug" is present in all suckless' repo which uses arg.h .
Cheers.
-- lv.
>From 439ba086ea3163f91088deff5a87a6b46009c1ba Mon Sep 17 00:00:00 2001
From: Lucas Gabriel Vuotto <[email protected]>
Date: Fri, 19 Feb 2016 15:59:49 -0300
Subject: [hackers][sbase][PATCH] arg.h: fixed argv checks order
To: [email protected]
This prevents accessing to a potentially out-of-bounds memory section.
Signed-off-by: Lucas Gabriel Vuotto <[email protected]>
---
arg.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arg.h b/arg.h
index de6ce94..0b23c53 100644
--- a/arg.h
+++ b/arg.h
@@ -10,8 +10,8 @@ extern char *argv0;
/* use main(int argc, char *argv[]) */
#define ARGBEGIN for (argv0 = *argv, argv++, argc--;\
- argv[0] && argv[0][1]\
- && argv[0][0] == '-';\
+ argv[0] && argv[0][0] == '-'\
+ && argv[0][1];\
argc--, argv++) {\
char argc_;\
char **argv_;\
--
1.9.1
