On 20/01/17 18:29, David Decotigny wrote:
diff --git a/src/core/settings.c b/src/core/settings.c
index c306054..b4ccedf 100644
--- a/src/core/settings.c
+++ b/src/core/settings.c
@@ -1344,12 +1344,19 @@ int storef_setting ( struct settings *settings, const 
struct setting *setting,

        /* Parse formatted value */
        check_len = setting_parse ( setting->type, value, raw, raw_len );
-       assert ( check_len == raw_len );
+       if ( check_len != raw_len ) {
+               if (check_len < 0)
+                       rc = check_len;
+               else
+                       rc = -EINVAL;
+               goto err_einval;
+       }

        /* Store raw value */
        if ( ( rc = store_setting ( settings, setting, raw, raw_len ) ) != 0 )
                goto err_store;

+ err_einval:
   err_store:
        free ( raw );
   err_alloc_raw:

An assert() seems appropriate here. We have already called setting_parse() once to calculate the required length. We then call it again with an identical type and value after allocating the buffer. This second call should never be able produce a different length from the original call, since the inputs were identical.

Michael
_______________________________________________
ipxe-devel mailing list
ipxe-devel@lists.ipxe.org
https://lists.ipxe.org/mailman/listinfo.cgi/ipxe-devel

Reply via email to