load_one_actions_file(): Prevent invalid read if the buffer is too short
authorFabian Keil <fk@fabiankeil.de>
Sat, 16 Jan 2016 12:29:30 +0000 (12:29 +0000)
committerFabian Keil <fk@fabiankeil.de>
Sat, 16 Jan 2016 12:29:30 +0000 (12:29 +0000)
Found with afl-fuzz and AddressSanitizer.

actions.c

index a685435..8e73138 100644 (file)
--- a/actions.c
+++ b/actions.c
@@ -1,4 +1,4 @@
-const char actions_rcs[] = "$Id: actions.c,v 1.92 2013/12/24 13:35:23 fabiankeil Exp $";
+const char actions_rcs[] = "$Id: actions.c,v 1.93 2015/08/12 10:33:13 fabiankeil Exp $";
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/actions.c,v $
@@ -1381,10 +1381,13 @@ static int load_one_actions_file(struct client_state *csp, int fileid)
              *
              * buf + 1 to skip the leading '{'
              */
-            actions_buf = strdup_or_die(buf + 1);
+            actions_buf = end = strdup_or_die(buf + 1);
 
             /* check we have a trailing } and then trim it */
-            end = actions_buf + strlen(actions_buf) - 1;
+            if (strlen(actions_buf))
+            {
+               end += strlen(actions_buf) - 1;
+            }
             if (*end != '}')
             {
                /* No closing } */
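Review bot: The guard at `if (strlen(actions_buf))` leaves the empty-string case implicit: when the line holds nothing after the leading '{', `end` stays on the terminating NUL, and only the following `*end != '}'` test rejects it. A comment above the guard, for example `/* Empty string: leave end on the NUL so the '}' check below fails instead of reading actions_buf[-1] */`, would make that dependency explicit and guard against a refactor that reintroduces the one-byte read before the heap buffer. The guard also scans the string twice; `if (*actions_buf != '\0')` tests the same condition without the first strlen() call. The body of load_one_actions_file() starts and ends outside this hunk, so how the error branch uses `end` afterwards is not visible here.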