Re: [gmime-devel] [PATCH 5/6] Use pinentry-mode loopback in test suite when using "modern" GnuPG



On Fri 2016-12-02 11:05:59 -0500, Daniel Kahn Gillmor wrote:
+   if (strncmp (vstring, vheader, sizeof (vheader) - 1))
+           return 0;
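Review bot: the mismatch path here exits with a bare `return 0`, so if the function is still holding the pipe that vstring was read from, this path leaves without releasing it; closing it right after the read, as the reply below suggests, removes the problem for every return. Separately, `strncmp` only stops safely at the end of the data if vstring was NUL-terminated after the read, so that termination should be visible next to this test, and writing the condition as `strncmp (...) != 0` makes the "not equal" intent explicit.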

Same. In fact, I'd probably recommend pclose()ing vpipe as soon as you 
finish reading the output of gpg --version (no reason to keep it open 
after reading it).

+   ret = (vstring[sizeof (vheader) - 1] > '2') ||
+           (vstring[sizeof (vheader) - 1] == '2' &&
+            vstring[sizeof (vheader)] == '.' &&
+            vstring[sizeof (vheader) + 1] >= '1');
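Review bot: the first clause, `vstring[sizeof (vheader) - 1] > '2'`, compares a single character rather than a number, so any byte above '2' (a letter or other punctuation included) counts as a modern version, while a two-digit major such as "10" begins with '1' and is rejected. The expression is also only in bounds because short-circuit evaluation stops at a NUL terminator, which is an unstated requirement on how vstring was filled. Parsing the major and minor fields as integers after an explicit length check would make both properties hold by construction.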

This has the potential of reading past the end of the buffer.

ah, right.  maybe we should first assert that vlen >= sizeof (vheader) ?

hm, i take it back -- how can this read past the end of the buffer if
the strncmp test above already succeeded?  the first thing it reads is
at sizeof (vheader - 1), and we already know that the first vheader-1
octets match.  So in the event that the buffer is too short,
vstring[sizeof (vheader) - 1] will be NULL, which is < '2', so "ret"
will be set to 0 and will never test vstring[sizeof (vheader)] or later.

     --dkg
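The bounds question discussed in this message can be settled by construction instead of by short-circuit reasoning. The following is an added example, not code from the patch or from GMime: the function name `gpg_is_modern` and the contents of `vheader` are assumptions, since the thread shows neither.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed header text: the thread does not show what vheader contains. */
static const char vheader[] = "gpg (GnuPG) ";

/* Hypothetical helper: returns 1 if the first vlen bytes of vstring report
 * GnuPG 2.1 or later, else 0. vstring does not have to be NUL-terminated. */
int gpg_is_modern (const char *vstring, size_t vlen)
{
	const size_t hlen = sizeof (vheader) - 1;
	char num[32], *end;
	long major, minor;
	size_t n;

	/* Length first, so a short read can never match or be indexed. */
	if (vlen < hlen || memcmp (vstring, vheader, hlen) != 0)
		return 0;

	/* Copy only the valid remainder into a terminated scratch buffer. */
	n = vlen - hlen;
	if (n >= sizeof (num))
		n = sizeof (num) - 1;
	memcpy (num, vstring + hlen, n);
	num[n] = '\0';

	/* Require a digit so strtol cannot skip whitespace or accept a sign. */
	if (num[0] < '0' || num[0] > '9')
		return 0;
	major = strtol (num, &end, 10);
	if (major != 2)
		return major > 2;
	if (end[0] != '.' || end[1] < '0' || end[1] > '9')
		return 0;
	minor = strtol (end + 1, NULL, 10);
	return minor >= 1;
}

int main (void)
{
	const char line[] = "gpg (GnuPG) 2.1.16\n";  /* constructed sample */
	printf ("%d\n", gpg_is_modern (line, sizeof (line) - 1));
	return 0;
}
```

Because the fields are parsed as integers, a constructed "10.0.0" version is accepted and a read truncated anywhere inside the header or version number is rejected without touching bytes past `vlen`.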

