[alsa-lib] ucm: Use strncmp to avoid access-out-of-boundary
diff mbox series

Message ID 20191129193530.51415-1-paulhsia@chromium.org
State New
Headers show
Series
  • [alsa-lib] ucm: Use strncmp to avoid access-out-of-boundary
Related show

Commit Message

Chih-Yang Hsia Nov. 29, 2019, 7:35 p.m. UTC
From: paulhsia <paulhsia@chromium.org>

If the length of the identifier is less than the length of the prefix,
access-out-of-boundary will occur in memcmp().

Signed-off-by: paulhsia <paulhsia@chromium.org>
---
 src/ucm/main.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

Comments

Jaroslav Kysela Nov. 29, 2019, 7:50 p.m. UTC | #1
Dne 29. 11. 19 v 20:35 Chih-Yang Hsia napsal(a):
> From: paulhsia <paulhsia@chromium.org>
> 
> If the length of the identifier is less than the length of the prefix,
> access-out-of-boundary will occur in memcmp().

Applied. Thank you for your contribution.

					Jaroslav

Patch
diff mbox series

diff --git a/src/ucm/main.c b/src/ucm/main.c
index b0b6ffb3..252e50d9 100644
--- a/src/ucm/main.c
+++ b/src/ucm/main.c
@@ -61,11 +61,13 @@  static int check_identifier(const char *identifier, const char *prefix)
 {
 	int len;
 
-	if (strcmp(identifier, prefix) == 0)
-		return 1;
 	len = strlen(prefix);
-	if (memcmp(identifier, prefix, len) == 0 && identifier[len] == '/')
+	if (strncmp(identifier, prefix, len) != 0)
+		return 0;
+
+	if (identifier[len] == 0 || identifier[len] == '/')
 		return 1;
+
 	return 0;
 }