9pfs/solanum-vs-hackint-and-charybdis
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ircd: chmode: Avoid referencing beyond the end of the flags_list array in set_channel_mode

Browse source 
We're setting flags to flags_list[3] at the end of the loop, but the
array only has 3 elements. Unless the compiler optimises this away
(because flags will not be used again) we're accessing memory beyond
the end of the array.

With gcc-4.9:
chmode.c: In function 'set_channel_mode':
chmode.c:1548:54: warning: iteration 2u invokes undefined behavior [-Waggressive-loop-optimizations]
  for(j = 0, flags = flags_list[0]; j < 3; j++, flags = flags_list[j])
                                                      ^
chmode.c:1548:2: note: containing loop
  for(j = 0, flags = flags_list[0]; j < 3; j++, flags = flags_list[j])

Explicitly set "flags = flags_list[j]" at the start of each loop
iteration, which will avoid referencing off the end of the array.
This commit is contained in:
Simon Arlott 2016-02-06 15:50:17 +00:00 committed by William Pitcock
parent 41aed6bbf7
commit 87c44482d0
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
ircd/chmode.c
View file

@ -1747,8 +1747,9 @@ set_channel_mode(struct Client *client_p, struct Client *source_p,
source_p->name, source_p->username,
source_p->host, chptr->chname);
for(j = 0, flags = flags_list[0]; j < 3; j++, flags = flags_list[j])
for(j = 0; j < 3; j++)
{
flags = flags_list[j];
cur_len = mlen;
mbuf = modebuf + mlen;
pbuf = parabuf;