From ca552b91fb7a60c3200564acb30ea4af46249ffe Mon Sep 17 00:00:00 2001 From: Theo Buehler Date: Mon, 12 Sep 2016 20:11:11 +0000 Subject: If boardspec doesn't consist entirely of lower case letters, there will be out of bound accesses of arrays, leading to sefaults or bus errors. Verify that at most one boardspec with lower case letters is given, or error out. ok millert --- games/boggle/boggle/bog.c | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-) (limited to 'games') diff --git a/games/boggle/boggle/bog.c b/games/boggle/boggle/bog.c index 8384db2baac..4955bc8c9ac 100644 --- a/games/boggle/boggle/bog.c +++ b/games/boggle/boggle/bog.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bog.c,v 1.32 2016/09/12 14:38:58 otto Exp $ */ +/* $OpenBSD: bog.c,v 1.33 2016/09/12 20:11:10 tb Exp $ */ /* $NetBSD: bog.c,v 1.5 1995/04/24 12:22:32 cgd Exp $ */ /*- @@ -142,18 +142,16 @@ main(int argc, char *argv[]) argv += 1; } - if (argc > 0) { - if (islower((unsigned char)argv[0][0])) { - if (strlen(argv[0]) != ncubes) { - usage(); - } else { - /* This board is assumed to be valid... */ - bspec = argv[0]; - } - } else { - usage(); - } - } + if (argc == 1) { + if (strlen(argv[0]) != ncubes) + usage(); + for (p = argv[0]; *p != '\0'; p++) + if (!islower((unsigned char)*p)) + errx(1, "only lower case letters are allowed " + "in boardspec"); + bspec = argv[0]; + } else if (argc != 0) + usage(); if (batch && bspec == NULL) errx(1, "must give both -b and a board setup"); -- cgit v1.2.3