Skip to content

Commit e74fd71

Browse files
padelsbachpadelsbach
committed
Fix underflow in sftp example with empty args
1 parent 157cb01 commit e74fd71

File tree

2 files changed

+18
-8
lines changed

2 files changed

+18
-8
lines changed

examples/sftpclient/sftpclient.c

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -472,7 +472,7 @@ static int doCmds(func_args* args)
472472
pt += sizeof("mkdir");
473473
sz = (int)WSTRLEN(pt);
474474

475-
if (pt[sz - 1] == '\n') pt[sz - 1] = '\0';
475+
if (sz > 0 && pt[sz - 1] == '\n') pt[sz - 1] = '\0';
476476
if (pt[0] != '/') {
477477
int maxSz = (int)WSTRLEN(workingDir) + sz + 2;
478478
f = (char*)WMALLOC(maxSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -522,7 +522,7 @@ static int doCmds(func_args* args)
522522
pt += sizeof("get");
523523

524524
sz = (int)WSTRLEN(pt);
525-
if (pt[sz - 1] == '\n') pt[sz - 1] = '\0';
525+
if (sz > 0 && pt[sz - 1] == '\n') pt[sz - 1] = '\0';
526526

527527
/* search for space delimiter */
528528
to = pt;
@@ -633,7 +633,7 @@ static int doCmds(func_args* args)
633633
pt += sizeof("put");
634634
sz = (int)WSTRLEN(pt);
635635

636-
if (pt[sz - 1] == '\n') pt[sz - 1] = '\0';
636+
if (sz > 0 && pt[sz - 1] == '\n') pt[sz - 1] = '\0';
637637

638638
to = pt;
639639
for (i = 0; i < sz; i++) {
@@ -739,7 +739,7 @@ static int doCmds(func_args* args)
739739
pt += sizeof("cd");
740740
sz = (int)WSTRLEN(pt);
741741

742-
if (pt[sz - 1] == '\n') pt[sz - 1] = '\0';
742+
if (sz > 0 && pt[sz - 1] == '\n') pt[sz - 1] = '\0';
743743
if (pt[0] != '/') {
744744
int maxSz = (int)WSTRLEN(workingDir) + sz + 2;
745745
f = (char*)WMALLOC(maxSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -803,7 +803,7 @@ static int doCmds(func_args* args)
803803
pt += sizeof("chmod");
804804
sz = (word32)WSTRLEN(pt);
805805

806-
if (pt[sz - 1] == '\n') pt[sz - 1] = '\0';
806+
if (sz > 0 && pt[sz - 1] == '\n') pt[sz - 1] = '\0';
807807

808808
/* advance pointer to first location of non space character */
809809
for (idx = 0; idx < sz && pt[0] == ' '; idx++, pt++);
@@ -885,7 +885,7 @@ static int doCmds(func_args* args)
885885
pt += sizeof("rmdir");
886886
sz = (int)WSTRLEN(pt);
887887

888-
if (pt[sz - 1] == '\n') pt[sz - 1] = '\0';
888+
if (sz > 0 && pt[sz - 1] == '\n') pt[sz - 1] = '\0';
889889
if (pt[0] != '/') {
890890
int maxSz = (int)WSTRLEN(workingDir) + sz + 2;
891891
f = (char*)WMALLOC(maxSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -942,7 +942,7 @@ static int doCmds(func_args* args)
942942
pt += sizeof("rm");
943943
sz = (int)WSTRLEN(pt);
944944

945-
if (pt[sz - 1] == '\n') pt[sz - 1] = '\0';
945+
if (sz > 0 && pt[sz - 1] == '\n') pt[sz - 1] = '\0';
946946
if (pt[0] != '/') {
947947
int maxSz = (int)WSTRLEN(workingDir) + sz + 2;
948948
f = (char*)WMALLOC(maxSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -997,7 +997,7 @@ static int doCmds(func_args* args)
997997
pt += sizeof("rename");
998998
sz = (int)WSTRLEN(pt);
999999

1000-
if (pt[sz - 1] == '\n') pt[sz - 1] = '\0';
1000+
if (sz > 0 && pt[sz - 1] == '\n') pt[sz - 1] = '\0';
10011001

10021002
/* search for space delimiter */
10031003
to = pt;

tests/sftp.c

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -68,6 +68,16 @@ static const char* cmds[] = {
6868
"chmod 600 test-get-2",
6969
"rm test-get-2",
7070
"ls -s",
71+
/* empty arg tests: trigger pt[sz-1] underflow if sz == 0 */
72+
"mkdir",
73+
"cd",
74+
"ls",
75+
"chmod",
76+
"rmdir",
77+
"rm",
78+
"rename",
79+
"get",
80+
"put",
7181
"exit"
7282
};
7383
static int commandIdx = 0;

0 commit comments

Comments
 (0)