Commit c10270f60d5b5c805167e48e6a4fe265bdbecc69

Christian Weisgerber 2021-09-06T08:45:22

assert against accidentally overflowing argv[] in got_dial_ssh() ok stsp

diff --git a/lib/dial.c b/lib/dial.c
index 1220c48..6c0be0a 100644
--- a/lib/dial.c
+++ b/lib/dial.c
@@ -20,6 +20,7 @@
 #include <sys/socket.h>
 #include <netdb.h>
 
+#include <assert.h>
 #include <err.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -31,6 +32,10 @@
 
 #include "got_lib_dial.h"
 
+#ifndef nitems
+#define nitems(_a) (sizeof((_a)) / sizeof((_a)[0]))
+#endif
+
 #ifndef ssizeof
 #define ssizeof(_x) ((ssize_t)(sizeof(_x)))
 #endif
@@ -216,6 +221,7 @@ got_dial_ssh(pid_t *newpid, int *newfd, const char *host,
 	argv[i++] = (char *)cmd;
 	argv[i++] = (char *)path;
 	argv[i++] = NULL;
+	assert(i <= nitems(argv));
 
 	if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pfd) == -1)
 		return got_error_from_errno("socketpair");
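Review bot: The `assert(i <= nitems(argv));` added after `argv[i++] = NULL;` runs only once every store into argv[] has been made, so an overrun would already have written past the array by the time it fires, and the check is compiled out under `NDEBUG`. It works as a developer tripwire for keeping the array size in sync with the number of pushes, not as a runtime bound. A comment would make that explicit, for example `/* tripwire only: argv[] is already filled here; grow argv[] when adding arguments above */`. `nitems()` is only correct if `argv` is a true array in this function rather than a pointer. If `i` is a signed int, the comparison against the `size_t` result is mixed-sign. Neither declaration is visible here, because the body of got_dial_ssh() starts and ends outside the hunk.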