Since dev_add_param_enum is passed a pointer containing the actual value
it can contain an invalid value. Protect against it so that we do not
access invalid array elements.
Signed-off-by: Sascha Hauer <s.hauer@xxxxxxxxxxxxxx>
---
lib/parameter.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/lib/parameter.c b/lib/parameter.c
index 868b810..fd05b49 100644
--- a/lib/parameter.c
+++ b/lib/parameter.c
@@ -389,7 +389,7 @@ struct param_d *dev_add_param_int(struct device_d *dev, const char *name,
struct param_enum {
struct param_d param;
- int *value;
+ unsigned int *value;
const char * const *names;
int num_names;
int (*set)(struct param_d *p, void *priv);
@@ -441,7 +441,11 @@ static const char *param_enum_get(struct device_d *dev, struct param_d *p)
}
free(p->value);
- p->value = strdup(pe->names[*pe->value]);
+
+ if (*pe->value >= pe->num_names)
+ p->value = asprintf("invalid:%d", *pe->value);
+ else
+ p->value = strdup(pe->names[*pe->value]);
return p->value;
}
--
2.5.0
_______________________________________________
barebox mailing list
barebox@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/barebox
