[gnutls-devel] [PATCH 2/2] Fix srptool issues
Attila Molnar
attilamolnar at hush.com
Fri Oct 4 17:21:49 CEST 2013
>From dc3a0d6d8d4aa98ccb19641e6668a03d77f381f1 Mon Sep 17 00:00:00 2001
From: Attila Molnar <attilamolnar at hush.com>
Date: Tue, 1 Oct 2013 13:42:10 +0200
Subject: [PATCH 2/2] srptool: Fix segfault when an invalid group parameter
index is given
If no group with the given index was found in the password conf file
srptool crashed instead of reporting the error because the return value of
fgets() wasn't validated before it was passed to atoi().
Signed-off-by: Attila Molnar <attilamolnar at hush.com>
---
src/srptool.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/src/srptool.c b/src/srptool.c
index 7955b49..debc94b 100644
--- a/src/srptool.c
+++ b/src/srptool.c
@@ -576,9 +576,8 @@ crypt_int (const char *username, const char *passwd, int salt_size,
do
{ /* find the specified uindex in file */
p = fgets (line, sizeof (line) - 1, fd);
- iindex = atoi (p);
}
- while (p != NULL && iindex != uindex);
+ while (p != NULL && (iindex = atoi (p)) != uindex);
if (p == NULL)
{
--
More information about the Gnutls-devel
mailing list