Return early from function if src null-terminates in the loop before
the target does. This is to prevent pointers going to addresses beyond
null-termination.
* device/dev_name.c (name_equal): Check if src null-terminates in the loop.
---
device/dev_name.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/device/dev_name.c b/device/dev_name.c
index bf541df..6ce4b19 100644
--- a/device/dev_name.c
+++ b/device/dev_name.c
@@ -69,9 +69,12 @@ name_equal(src, len, target)
int len;
char *target;
{
- while (--len >= 0)
+ while (--len >= 0) {
if (*src++ != *target++)
return FALSE;
+ if (*src == '\0' && *target != '\0')
+ return FALSE;
+ }
return *target == 0;
}
--
1.8.1.4
