Merge branch 'fix-gl8' into 'security'

Fix oob read of one byte in get_file_params_count See merge request !12
2024-09-15 04:28:09 -04:00 · 2017-05-30 19:38:19 +00:00 · 2017-05-30 19:38:19 +00:00 · 84503427b0
commit 84503427b0
parent 10cea61696 30a92754bb
2 changed files with 4 additions and 0 deletions
--- a/src/irc/dcc/dcc-get.c
+++ b/src/irc/dcc/dcc-get.c
@ -382,6 +382,8 @@ int get_file_params_count(char **params, int paramcount)
 	if (*params[0] == '"') {
 		/* quoted file name? */
 		for (pos = 0; pos < paramcount-3; pos++) {
 			if (strlen(params[pos]) == 0)
 				continue;
 			if (params[pos][strlen(params[pos])-1] == '"' &&
 			    get_params_match(params, pos+1))
 				return pos+1;
--- a/src/irc/dcc/dcc-resume.c
+++ b/src/irc/dcc/dcc-resume.c
@ -62,6 +62,8 @@ int get_file_params_count_resume(char **params, int paramcount)
 	if (*params[0] == '"') {
 		/* quoted file name? */
 		for (pos = 0; pos < paramcount-2; pos++) {
 			if (strlen(params[pos]) == 0)
 				continue;
 			if (params[pos][strlen(params[pos])-1] == '"' &&
 			    get_params_match_resume(params, pos+1))
 				return pos+1;