mifr/subsurface
1
0
Fork 0
mirror of https://github.com/subsurface/subsurface.git synced 2025-02-19 22:16:15 +00:00
Code Issues Projects Releases Packages Wiki Activity

equipment: sanitize 'ws_info' loop limits

Browse source 
Instead of a constant or a macro for the maximum
number of 'ws_info' elements the 100 literal was used.

Define MAX_WS_INFO in dive.h and use it everywhere.

Also clamp loops that iterate `ws_info' to MAX_WS_INFO.
Prevents potential out-of-bounds reading, similarly to
the previous commit about 'tank_info'.

Signed-off-by: Lubomir I. Ivanov <neolit123@gmail.com>
This commit is contained in:
Lubomir I. Ivanov 2018-06-19 03:59:33 +03:00 committed by Dirk Hohndel
parent 769aca9e95
commit 06a870c232
4 changed files with 12 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

3
core/dive.h
View file

@ -275,6 +275,7 @@ struct divecomputer {
#define MAX_CYLINDERS (20)
#define MAX_WEIGHTSYSTEMS (6)
#define MAX_TANK_INFO (100)
#define MAX_WS_INFO (100)
#define W_IDX_PRIMARY 0
#define W_IDX_SECONDARY 1
@ -944,7 +945,7 @@ struct ws_info_t {
const char *name;
int grams;
};
extern struct ws_info_t ws_info[100];
extern struct ws_info_t ws_info[MAX_WS_INFO];
extern bool cylinder_nodata(const cylinder_t *cyl);
extern bool cylinder_none(void *_data);