6 Jan
2015
6 Jan
'15
8:09 p.m.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Am 2015-01-06 um 21:07 schrieb Stefan Dösinger:
Am 2014-12-13 um 18:06 schrieb Jonathan Vollebregt:
+static LSTATUS sane_path(const WCHAR *key) +{
- if (key[0] == '\' && key[1] == '\' && key[2] != '\')
return ERROR_NO_REMOTE;- return ERROR_SUCCESS;
+}
This adds (or rather extends) a possible out of bound array access.
Actually, never mind that, as discussed on IRC. If the string is too short key[0] or key[1] won't be '\'. Still it looks somewhat odd, but the next patch adds an explicit length check.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBAgAGBQJUrEEAAAoJEN0/YqbEcdMw1FUQAIZWTWbqtX8CvA+26vpsRDKL
sY96cCXSONaWSgYK/8ScIE1wFM2VEzvCe8y3ShsJjtrjOTpKy/lNn+S46RsDzanC
PlXdr9j8h2QO8pJRVVRgqkO6Ch+QZYI2Sk8ICOEumVMERE8KzSQNLLqSDzO/+JOO
cnQsswRqvC4Mai9pEMx/jLD0fSNJAALzJt8aQDv2S8C2pZdaTWCQPGDJboPewGjL
JmsrtorcS6VMFgW7lFobIw476sJ9gBaqykyiEkwSV/+kTN0rRLZJDTvzs9a3kwMD
VzVuxNbxig/udxJnOW1yyRCMEIimBui/Apotbhg/FdpIatKvL5X4CEz3ms9b93Dp
8wCUNTuE4zblmNfr09c+bGmD157DwV02C6FfXLBoxMbLaNVkhe2zN6CONHxJDgkk
5UShkHhT8xKclnSpt9Uw77+4T/swcaae02mO9OfqbxnQrBahkQ3GbGy8Qs8uENlh
HAKXuFMRe2BZBmnGPOx1wG0L3kUIBxB/zpZb8ByAGD/xxlvef+QXtznWsqaCes3m
kG8/ndc+0ZpDAlNjsXIXXUrTOFguchS3tjMsivjVfFgt8o4WwcWCmPsoYHNAWNGD
tl31KlRIAtq7elSv1zGq4Bwntg1gUdNk5yqCZBjMflZB3gr4MqRPqu56P/hionpr
KCq+v5IRqUGrJhlExrV9
=FL8R
-----END PGP SIGNATURE-----