diff options
| author | Samanta Navarro <ferivoz@riseup.net> | 2021-08-21 12:11:00 +0000 |
|---|---|---|
| committer | Andrew G. Morgan <morgan@kernel.org> | 2021-08-21 08:29:40 -0700 |
| commit | 34186d026bad09e8e2bd9839bce138616c5d2557 (patch) | |
| tree | b4f1e2df0a3eb4e90fcb2916691268252fe41eae | |
| parent | d21a561ddb80cdc039f32eb5225f5d398d221291 (diff) | |
| download | libcap-34186d026bad09e8e2bd9839bce138616c5d2557.tar.gz | |
Fix endless loop with very long strings
If a string with more than UINT_MAX characters is passed into
cap_from_text, then an endless loop occurs in lookupname.
This is clearly an edge case but the fix is very simple as well:
Use size_t instead of unsigned.
Signed-off-by: Samanta Navarro <ferivoz@riseup.net>
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| -rw-r--r-- | libcap/cap_text.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/libcap/cap_text.c b/libcap/cap_text.c index 87e0838..ff3699d 100644 --- a/libcap/cap_text.c +++ b/libcap/cap_text.c @@ -100,7 +100,7 @@ static int lookupname(char const **strp) return n; } else { int c; - unsigned len; + size_t len; for (len=0; (c = str.constp[len]); ++len) { if (!(isalpha(c) || (c == '_'))) { |