Eggdev: Re: [eggheads-patches] 2 bugs in match.c

Will Buckner (Wcc) wcc at techmonkeys.org
Wed Mar 3 15:02:04 CST 2004


> Hi,
> 
> Did you actually see errors happening in _wild_match()? 
> Because the line right
> after while (n >= 0) { is if (m < ma) { ... }. So that should 
> take care of
> it...
> 
> Also for _wild_match_per, if *n == 0 and *m == 0, it should 
> be a match,
> shouldn't it?

Yeah. If it's causing a problem (sounds like hes saying it is),
possibly something like:

if ((m == 0) || (n == 0))
  return NOMATCH;
if (!*m && !*n)
  return PERMATCH;
if (!*m || !*m)
  return NOMATCH;

> --- winkey <winkey at unstable.org> wrote:
> > match.c
> > 
> > if you pass wild_match_per a empty string as the first arg you would
> > access mem the proccess don't own
> > 
> > _wild_match
> > 
> > need to check if m < ma so you don't access memory you don't own
> > 
> > 
> > -- 
> > winkey <winkey at unstable.org>
> > > diff -urN eggdrop1.6.orig/src/match.c eggdrop1.6/src/match.c
> > --- eggdrop1.6.orig/src/match.c	2004-02-28 
> 12:09:23.000000000 -0800
> > +++ eggdrop1.6/src/match.c	2004-02-28 12:12:27.000000000 -0800
> > @@ -41,7 +41,8 @@
> >    register unsigned int sofar = 0;
> >  
> >    /* null strings should never match */
> > -  if ((m == 0) || (n == 0) || (!*n))
> > +  if ((m == 0) || (n == 0) || (!*n) || (!*m)) /* check *m 
> too otherwise we
> > will
> > +	  							
> 			  touch ram we shouldn't */
> >      return NOMATCH;
> >  
> >    while (*n) {
> > @@ -144,7 +145,7 @@
> >    while (*(++n));
> >    n--;
> >  
> > -  while (n >= na) {
> > +  while (n >= na && m >= ma) { /* stop if m < ma we don't 
> own that ram */
> >      /* If the mask runs out of chars before the string, 
> fall back on
> >       * a wildcard or fail. */
> >      if (m < ma) {
> > 

Wcc




More information about the Eggdev mailing list