dependency: avoid exploitable (!) use of uninitialized length values introduced in commit 0ab3b32255
parent
0ab3b32255
commit
8de2ab6b4d
|
@ -105,7 +105,7 @@ pkg_dependency_parse_str(pkg_dependency_t *deplist_head, const char *depends)
|
||||||
pkg_dependency_t *deplist = NULL;
|
pkg_dependency_t *deplist = NULL;
|
||||||
pkg_comparator_t compare = PKG_ANY;
|
pkg_comparator_t compare = PKG_ANY;
|
||||||
char buf[PKG_BUFSIZE];
|
char buf[PKG_BUFSIZE];
|
||||||
size_t package_sz, version_sz;
|
size_t package_sz = 0, version_sz = 0;
|
||||||
char *start = buf;
|
char *start = buf;
|
||||||
char *ptr = buf;
|
char *ptr = buf;
|
||||||
char *vstart = NULL;
|
char *vstart = NULL;
|
||||||
|
@ -172,6 +172,8 @@ pkg_dependency_parse_str(pkg_dependency_t *deplist_head, const char *depends)
|
||||||
deplist_head = deplist;
|
deplist_head = deplist;
|
||||||
|
|
||||||
compare = PKG_ANY;
|
compare = PKG_ANY;
|
||||||
|
package_sz = 0;
|
||||||
|
version_sz = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
break;
|
break;
|
||||||
|
@ -250,6 +252,8 @@ pkg_dependency_parse_str(pkg_dependency_t *deplist_head, const char *depends)
|
||||||
deplist_head = deplist;
|
deplist_head = deplist;
|
||||||
|
|
||||||
compare = PKG_ANY;
|
compare = PKG_ANY;
|
||||||
|
package_sz = 0;
|
||||||
|
version_sz = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (state == OUTSIDE_MODULE)
|
if (state == OUTSIDE_MODULE)
|
||||||
|
|
Loading…
Reference in New Issue