Missing parens in REQUEST_FIXED_SIZE macro [CVE-2014-8092 pt. 5]
The 'n' parameter must be surrounded by parens in both places to prevent precedence from mis-computing things. Signed-off-by: Keith Packard <keithp@keithp.com> Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
This commit is contained in:
parent
61b17c0f10
commit
9802a0162f
|
@ -80,7 +80,7 @@ SOFTWARE.
|
|||
|
||||
#define REQUEST_FIXED_SIZE(req, n)\
|
||||
if (((sizeof(req) >> 2) > client->req_len) || \
|
||||
((n >> 2) >= client->req_len) || \
|
||||
(((n) >> 2) >= client->req_len) || \
|
||||
((((uint64_t) sizeof(req) + (n) + 3) >> 2) != (uint64_t) client->req_len)) \
|
||||
return(BadLength)
|
||||
|
||||
|
|
Loading…
Reference in New Issue