]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
projects / thirdparty / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1a2ca4c)
printer_driver: fix incorrect processing of empty string
authorDaniil Sarafannikov <sarafannikovda@sgu.ru>
Mon, 11 May 2026 21:55:02 +0000 (01:55 +0400)
committerAnoop C S <anoopcs@samba.org>
Wed, 3 Jun 2026 07:21:32 +0000 (07:21 +0000)
get_string_token() accessed s[strlen(s) - 1] without checking
for empty strings. If a configuration value is present but empty,
this results in an out-of-bound read.

Add explicit empty string check before accessing last character.

Pair-Programmed-With: Dmitry Mikhalchenko <tascad@altlinux.org>
Signed-off-by: Daniil Sarafannikov <sarafannikovda@sgu.ru>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
lib/printer_driver/printer_driver.c patch | blob | blame | history

diff --git a/lib/printer_driver/printer_driver.c b/lib/printer_driver/printer_driver.c
index b13d44c7f98bea7eac45a4d290377bdc9a50b344..777ef2d2ee0293da3e8c85db1948b582e144a011 100644 (file)
--- a/lib/printer_driver/printer_driver.c
+++ b/lib/printer_driver/printer_driver.c
@@ -69,7 +69,7 @@ static const char *get_string_token(struct gp_inifile_context *ctx,
        char *key;
        const char *s2;
 
-       if (s != NULL &&  s[0] != '%' && s[strlen(s)-1] != '%') {
+       if (s != NULL && s[0] != '\0' && s[0] != '%' && s[strlen(s)-1] != '%') {
                return s;
        }
 
Mirror of https://github.com/samba-team/samba.git