New subject: [alsa-devel] [PATCH alsa-lib] ucm: Use strncmp to avoid access-out-of-boundary

29 Nov 2019

From: paulhsia paulhsia@chromium.org
If the length of the identifier is less than the length of the prefix,
access-out-of-boundary will occur in memcmp().
Signed-off-by: paulhsia paulhsia@chromium.org
---
 src/ucm/main.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/ucm/main.c b/src/ucm/main.c
index b0b6ffb3..252e50d9 100644
--- a/src/ucm/main.c
+++ b/src/ucm/main.c
@@ -61,11 +61,13 @@ static int check_identifier(const char *identifier, const char *prefix)
 {
    int len;
-	if (strcmp(identifier, prefix) == 0)
-		return 1;
    len = strlen(prefix);
-	if (memcmp(identifier, prefix, len) == 0 && identifier[len] == '/')
+	if (strncmp(identifier, prefix, len) != 0)
+		return 0;
+
+	if (identifier[len] == 0 || identifier[len] == '/')
    	return 1;
+
    return 0;
 }
-- 
2.24.0.393.g34dc348eaf-goog


    

[alsa-devel] [PATCH alsa-lib] ucm: Use strncmp to avoid access-out-of-boundary

Chih-Yang Hsia

Jaroslav Kysela

tags (0)

participants (2)