diff options
author | David Oberhollenzer <david.oberhollenzer@tele2.at> | 2018-11-03 19:25:15 +0100 |
---|---|---|
committer | David Oberhollenzer <david.oberhollenzer@tele2.at> | 2018-11-03 19:26:00 +0100 |
commit | b3773d09ea08234a1e0205ecb66733dda067c1ea (patch) | |
tree | f7ead7e62a7f20376cbdb3c7036d1b9e3ecaf04c /lib/libcfg | |
parent | 24e98f1e5b7dba6af0d2524127098c04530680a2 (diff) |
Only parse arguments if index actually is numeric
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
Diffstat (limited to 'lib/libcfg')
-rw-r--r-- | lib/libcfg/rdline.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/lib/libcfg/rdline.c b/lib/libcfg/rdline.c index 3c3fcb3..b532def 100644 --- a/lib/libcfg/rdline.c +++ b/lib/libcfg/rdline.c @@ -84,15 +84,16 @@ static int normalize_line(rdline_t *t) } else if (c == '%') { *(dst++) = c; c = *(src++); - if (c != '%' && !isdigit(c)) { + if (isdigit(c)) { + if ((c - '0') >= t->argc) { + errstr = "argument out of range"; + goto fail; + } + ret += strlen(t->argv[c - '0']); + } else if (c != '%') { errstr = "expected digit after '%%'"; goto fail; } - if (isdigit(c) && (c - '0') >= t->argc) { - errstr = "argument out of range"; - goto fail; - } - ret += strlen(t->argv[c - '0']); } else if (string && c == '\\' && *src != '\0') { *(dst++) = c; c = *(src++); |