Eggdev: Re: [eggheads-patches] 2 bugs in match.c

stdarg stdarg at yahoo.com
Sun Feb 29 22:09:00 CST 2004


Hi,

Did you actually see errors happening in _wild_match()? Because the line right
after while (n >= 0) { is if (m < ma) { ... }. So that should take care of
it...

Also for _wild_match_per, if *n == 0 and *m == 0, it should be a match,
shouldn't it?

--- winkey <winkey at unstable.org> wrote:
> match.c
> 
> if you pass wild_match_per a empty string as the first arg you would
> access mem the proccess don't own
> 
> _wild_match
> 
> need to check if m < ma so you don't access memory you don't own
> 
> 
> -- 
> winkey <winkey at unstable.org>
> > diff -urN eggdrop1.6.orig/src/match.c eggdrop1.6/src/match.c
> --- eggdrop1.6.orig/src/match.c	2004-02-28 12:09:23.000000000 -0800
> +++ eggdrop1.6/src/match.c	2004-02-28 12:12:27.000000000 -0800
> @@ -41,7 +41,8 @@
>    register unsigned int sofar = 0;
>  
>    /* null strings should never match */
> -  if ((m == 0) || (n == 0) || (!*n))
> +  if ((m == 0) || (n == 0) || (!*n) || (!*m)) /* check *m too otherwise we
> will
> +	  										  touch ram we shouldn't */
>      return NOMATCH;
>  
>    while (*n) {
> @@ -144,7 +145,7 @@
>    while (*(++n));
>    n--;
>  
> -  while (n >= na) {
> +  while (n >= na && m >= ma) { /* stop if m < ma we don't own that ram */
>      /* If the mask runs out of chars before the string, fall back on
>       * a wildcard or fail. */
>      if (m < ma) {
> 


__________________________________
Do you Yahoo!?
Get better spam protection with Yahoo! Mail.
http://antispam.yahoo.com/tools



More information about the Eggdev mailing list