prevent accessing memory that we dont own

author Mike Frysinger <vapier@gentoo.org>

Sat, 30 Dec 2006 19:21:48 +0000 (19:21 -0000)

committer Mike Frysinger <vapier@gentoo.org>

Sat, 30 Dec 2006 19:21:48 +0000 (19:21 -0000)
author Mike Frysinger <vapier@gentoo.org>
Sat, 30 Dec 2006 19:21:48 +0000 (19:21 -0000)
committer Mike Frysinger <vapier@gentoo.org>
Sat, 30 Dec 2006 19:21:48 +0000 (19:21 -0000)
diff --git a/scripts/basic/fixdep.c b/scripts/basic/fixdep.c

index df3446e35e570fed911942900f0dff65125c698f..2fa78ee6aab9d235c7419bc32cbba5331463c2b0 100644 (file)
--- a/scripts/basic/fixdep.c
+++ b/scripts/basic/fixdep.c
@@ -231,10 +231,10 @@ void parse_config_file(char *map, size_t len)
         int off;
  
         for (; p < end; p++) {
-               if (!memcmp(p, "CONFIG_", 7)) goto conf7;
-               if (!memcmp(p, "ENABLE_", 7)) goto conf7;
-               if (!memcmp(p, "USE_", 4)) goto conf4;
-               if (!memcmp(p, "SKIP_", 5)) goto conf5;
+               if (p<end-7 && !memcmp(p, "CONFIG_", 7)) goto conf7;
+               if (p<end-7 && !memcmp(p, "ENABLE_", 7)) goto conf7;
+               if (p<end-4 && !memcmp(p, "USE_", 4)) goto conf4;
+               if (p<end-5 && !memcmp(p, "SKIP_", 5)) goto conf5;
                 continue;
         conf4:  off = 4; goto conf;
         conf5:  off = 5; goto conf;
@@ -303,7 +303,7 @@ void parse_dep_file(void *map, size_t len)
         char *p;
         char s[PATH_MAX];
  
-       p = strchr(m, ':');
+       p = memchr(m, ':', len);
         if (!p) {
                 fprintf(stderr, "fixdep: parse error\n");
                 exit(1);
author	Mike Frysinger <vapier@gentoo.org>
	Sat, 30 Dec 2006 19:21:48 +0000 (19:21 -0000)
committer	Mike Frysinger <vapier@gentoo.org>
	Sat, 30 Dec 2006 19:21:48 +0000 (19:21 -0000)