From bbeac6625075aa7457c3e97d2a3efce9b0a47150 Mon Sep 17 00:00:00 2001
From: Enno Rehling
Date: Wed, 9 Aug 2017 19:18:45 +0200
Subject: [PATCH 1/2] fix dupe detection
---
 src/modules/autoseed.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/src/modules/autoseed.c b/src/modules/autoseed.c
index efb61245e..343c742ee 100644
--- a/src/modules/autoseed.c
+++ b/src/modules/autoseed.c
@@ -172,8 +172,7 @@ newfaction *read_newfactions(const char *filename)
 sz += strlcat(password, itoa36(rng_int()), sizeof(password));
 }
 for (f = factions; f; f = f->next) {
- if (strcmp(f->email, email) == 0 && f->subscription
- && f->age < MINAGE_MULTI) {
+ if (strcmp(f->email, email) == 0 && f->age < MINAGE_MULTI) {
 log_warning("email %s already in use by %s", email, factionname(f));
 break;
 }
From 9d8e9cc00b4080737f9e83822110b7e0ac270c93 Mon Sep 17 00:00:00 2001
From: Enno Rehling
Date: Wed, 16 Aug 2017 20:48:03 +0200
Subject: [PATCH 2/2] at_keys is overflowing, add an assert to detect it
---
 src/attributes/key.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/attributes/key.c b/src/attributes/key.c
index 31580bccf..e28788002 100644
--- a/src/attributes/key.c
+++ b/src/attributes/key.c
@@ -30,6 +30,7 @@ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 static void a_writekeys(const attrib *a, const void *o, storage *store) {
 int i, *keys = (int *)a->data.v;
+ assert(keys[0] < 4096 && keys[0]>0);
 WRITE_INT(store, keys[0]);
 for (i = 0; i < keys[0]; ++i) {
 WRITE_INT(store, keys[i * 2 + 1]);
@@ -105,7 +106,8 @@ static void a_upgradekeys(attrib **alist, attrib *abegin) {
 if (ak) {
 ak->data.v = keys;
 if (keys) {
- keys[0] = n + i;
+ keys[0] = i + n;
+ assert(keys[0] < 4096 && keys[0]>=0);
 }
 }
 }
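Review bot: The duplicate check in read_newfactions (src/modules/autoseed.c) compares addresses with a case-sensitive `strcmp(f->email, email)`, so the same mailbox written with different capitalisation would still pass as a new signup after this fix. If the intent is to limit young factions per address, normalise both sides before comparing or use a case-insensitive comparison such as `strcasecmp(f->email, email) == 0` where the platform provides it. The hunk does not show whether `f->email` can be NULL for an existing faction; if it can, the condition needs `f->email &&` in front of the comparison. The function body starts and ends outside the hunk.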
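Review bot: The new `assert(keys[0] < 4096 && keys[0]>0);` in a_writekeys is the only bound on the loop that follows, and assert() is compiled out when NDEBUG is defined, so a release build would still read `keys[i * 2 + 1]` for whatever count is stored and could copy memory beyond the array into the save file. A runtime test that holds in every build, starting from `if (keys[0] <= 0 || keys[0] >= 4096)` and logging before it decides what to write, would turn the detection into a guard; how the store format should represent the rejected attribute needs confirming against the reader. The literal 4096 is repeated in the a_upgradekeys, key_set and key_unset hunks, so one named constant with a comment on where the limit comes from would keep the four checks in step. The function continues past the end of the hunk.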
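Review bot: In a_upgradekeys the sum `i + n` is computed and stored before the new assert inspects it, so if the two counts were ever large enough to overflow int the check would run on an already undefined result; bounding the operands first, e.g. `assert(i >= 0 && n >= 0 && i < 4096 - n);` ahead of the assignment, catches the growth the commit message describes before the store. This hunk accepts a count of 0 (`keys[0]>=0`) while a_writekeys asserts `keys[0]>0`, so an attribute that leaves here with no keys would abort at save time in a debug build. The two bounds should agree on whether an empty key list is a legal state. The function starts outside the hunk.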
@@ -136,6 +138,7 @@ void key_set(attrib ** alist, int key, int val)
 keys = realloc(keys, sizeof(int) *(2 * n + 3));
 /* TODO: does insertion sort pay off here? prob. not. */
 keys[0] = n + 1;
+ assert(keys[0] < 4096 && keys[0]>=0);
 keys[2 * n + 1] = key;
 keys[2 * n + 2] = val;
 a->data.v = keys;
@@ -150,6 +153,7 @@ void key_unset(attrib ** alist, int key)
 int i, *keys = (int *)a->data.v;
 if (keys) {
 int n = keys[0];
+ assert(keys[0] < 4096 && keys[0]>0);
 for (i = 0; i != n; ++i) {
 if (keys[2 * i + 1] == key) {
 memmove(keys + 2 * i + 1, keys + 2 * n - 1, 2 * sizeof(int));
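Review bot: The assert added to key_set fires only after `realloc` has sized the buffer from `n` and `keys[0] = n + 1` has been written through its result, so an out-of-range count is noticed after the memory operations it is meant to guard. Checking the count ahead of the allocation, `assert(n >= 0 && n < 4095);` placed before the realloc line, gives the same upper bound on `keys[0]` and also covers the size expression `sizeof(int) *(2 * n + 3)`. The context line `keys = realloc(keys, ...)` assigns an unchecked result over the only pointer to the block, so an allocation failure would become a NULL write at `keys[0]` and leak the old array; assigning to a temporary and testing it would close that. Most of the function lies outside the hunk.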
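Review bot: In key_unset the loop `for (i = 0; i != n; ++i)` stops only on equality, so a negative count would walk `i` upward through memory outside the array, and the added assert is the sole check in front of it. A count of 0 is harmless to this loop, yet the assert rejects it with `keys[0]>0` while key_set and a_upgradekeys use `>=0`. Testing the local that was just read and tightening the loop condition states the bound once and keeps the loop safe without assertions: `assert(n >= 0 && n < 4096);` and `for (i = 0; i < n; ++i) {`. The function continues past the end of the hunk.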