From: Holger Hans Peter Freyther <[email protected]> In case the name is longer than all_opts->name we would try to read past the string. Start using strncmp and strlen to make sure to fully consume all_opts->name and don't read out of bounds.
2017-02-08 Holger Hans Peter Freyther <[email protected]> * gst-tool.c: Use strncmp instead of memcmp. --- ChangeLog | 4 ++++ gst-tool.c | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index a40b68d..0542be5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +2017-02-08 Holger Hans Peter Freyther <[email protected]> + + * gst-tool.c: Use strncmp instead of memcmp. + 2015-11-07 Holger Hans Peter Freyther <[email protected]> * build-aux/overflow-builtins.m4: Add new macro. diff --git a/gst-tool.c b/gst-tool.c index 1739793..8d817c4 100644 --- a/gst-tool.c +++ b/gst-tool.c @@ -381,7 +381,7 @@ parse_long_option (const char *name, const char *arg) len = p++ - name; for (all_opts = long_opts; all_opts; all_opts = all_opts->next) - if (!memcmp (name, all_opts->name, len)) + if (strlen(all_opts->name) >= len && !strncmp (name, all_opts->name, len)) { opt = all_opts; if (opt->name[len] == '\0') -- 2.10.2 _______________________________________________ help-smalltalk mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-smalltalk
