Avoid dereferencing argv[argc].
See
http://www.forallsecure.com/bug-reports/011f1a55f79a5501b36008d6ee0d40e8b6644569/
Reported-by: Alexandre Rebert <alexan...@cmu.edu>
Signed-off-by: Julien Cristau <jcris...@debian.org>
---
main.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/main.c b/main.c
index e42b0cf..6ccb09b 100644
--- a/main.c
+++ b/main.c
@@ -242,6 +242,8 @@ main(int argc, char *argv[])
break;
case 'D':
if (argv[0][2] == '\0') {
+ if (argc < 2)
+ fatalerr("Missing argument for -D\n");
argv++;
argc--;
}
@@ -257,6 +259,8 @@ main(int argc, char *argv[])
fatalerr("Too many -I flags.\n");
*incp++ = argv[0]+2;
if (**(incp-1) == '\0') {
+ if (argc < 2)
+ fatalerr("Missing argument for -I\n");
*(incp-1) = *(++argv);
argc--;
}
@@ -270,6 +274,8 @@ main(int argc, char *argv[])
undeflist = realloc(undeflist,
numundefs * sizeof(char *));
if (argv[0][2] == '\0') {
+ if (argc < 2)
+ fatalerr("Missing argument for -U\n");
argv++;
argc--;
}
@@ -286,6 +292,8 @@ main(int argc, char *argv[])
case 'w':
if (endmarker) break;
if (argv[0][2] == '\0') {
+ if (argc < 2)
+ fatalerr("Missing argument for -w\n");
argv++;
argc--;
width = atoi(argv[0]);
@@ -295,6 +303,8 @@ main(int argc, char *argv[])
case 'o':
if (endmarker) break;
if (argv[0][2] == '\0') {
+ if (argc < 2)
+ fatalerr("Missing argument for -o\n");
argv++;
argc--;
objsuffix = argv[0];
@@ -304,6 +314,8 @@ main(int argc, char *argv[])
case 'p':
if (endmarker) break;
if (argv[0][2] == '\0') {
+ if (argc < 2)
+ fatalerr("Missing argument for -p\n");
argv++;
argc--;
objprefix = argv[0];
@@ -322,6 +334,8 @@ main(int argc, char *argv[])
if (endmarker) break;
startat = argv[0]+2;
if (*startat == '\0') {
+ if (argc < 2)
+ fatalerr("Missing argument for -s\n");
startat = *(++argv);
argc--;
}
@@ -333,6 +347,8 @@ main(int argc, char *argv[])
if (endmarker) break;
makefile = argv[0]+2;
if (*makefile == '\0') {
+ if (argc < 2)
+ fatalerr("Missing argument for -f\n");
makefile = *(++argv);
argc--;
}
--
1.7.10.4
--
To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/1372698281-30544-1-git-send-email-jcris...@debian.org
