From: Stefan Berger <stef...@us.ibm.com> Check the range of the algo index parameter before using it for accessing an array.
Signed-off-by: Stefan Berger <stef...@linux.vnet.ibm.com> --- lib/rpmsignfiles.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/rpmsignfiles.c b/lib/rpmsignfiles.c index b7d9ccc..97a5be4 100644 --- a/lib/rpmsignfiles.c +++ b/lib/rpmsignfiles.c @@ -32,6 +32,8 @@ static const char *hash_algo_name[] = { [PGPHASHALGO_SHA224] = "sha224", }; +#define ARRAY_SIZE(a) (sizeof(a) / sizeof(a[0])) + char *get_fskpass(void) { struct termios flags, tmp_flags; @@ -130,6 +132,10 @@ rpmRC rpmSignFiles(Header h, const char *key, char *keypass) rpmlog(RPMLOG_ERR, _("missing RPMTAG_FILEDIGESTALGO\n")); return RPMRC_FAIL; } + if (algo < 0 || algo >= ARRAY_SIZE(hash_algo_name)) { + rpmlog(RPMLOG_ERR, _("File digest algorithm id is invalid")); + return RPMRC_FAIL; + } diglen = rpmDigestLength(algo); algoname = hash_algo_name[algo]; -- 2.5.5 _______________________________________________ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint