sd-id128: do stricter checking of random boot id

author Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>

Sat, 4 Oct 2014 00:57:30 +0000 (20:57 -0400)

committer Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>

Sat, 4 Oct 2014 00:57:30 +0000 (20:57 -0400)
author Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Sat, 4 Oct 2014 00:57:30 +0000 (20:57 -0400)
committer Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Sat, 4 Oct 2014 00:57:30 +0000 (20:57 -0400)
diff --git a/src/libsystemd/sd-id128/sd-id128.c b/src/libsystemd/sd-id128/sd-id128.c

index a1e44e6d19df927b6fa371aa968483aa44b60176..233ffa070bdb69900afa3ee482b0f987c7b5d73e 100644 (file)
--- a/src/libsystemd/sd-id128/sd-id128.c
+++ b/src/libsystemd/sd-id128/sd-id128.c
@@ -183,11 +183,14 @@ _public_ int sd_id128_get_boot(sd_id128_t *ret) {
          for (j = 0, p = buf; j < 16; j++) {
                  int a, b;
  
-                if (p >= buf + k)
+                if (p >= buf + k - 1)
                          return -EIO;
  
-                if (*p == '-')
+                if (*p == '-') {
                          p++;
+                        if (p >= buf + k - 1)
+                                return -EIO;
+                }
  
                  a = unhexchar(p[0]);
                  b = unhexchar(p[1]);
author	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
	Sat, 4 Oct 2014 00:57:30 +0000 (20:57 -0400)
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
	Sat, 4 Oct 2014 00:57:30 +0000 (20:57 -0400)