diff options
| author | Kevin McCarthy <kevin@8t8.us> | 2022-04-09 13:32:33 -0700 |
|---|---|---|
| committer | Kevin McCarthy <kevin@8t8.us> | 2022-04-12 11:07:34 -0700 |
| commit | f82641352c6c0f1912c518875133a9b73a0e1f34 (patch) | |
| tree | 9261b92befb8c51cb8be4665fe14293baa0ab457 /init.c | |
| parent | 195bcad02535738e03788e34cdc3f1f0c842b6e1 (diff) | |
Fix strlen() assigns to be of type size_t where obvious.
Ticket 405 had an almost-exploit enabled by sloppy assignment of
strlen(). There were more details involved, of course, but this
served as encouragement to clean up obvious "strlen assignment to int"
in the rest of the code.
Note this is not *all* cases, only those that were simple and obvious.
In some cases, the code assigns strlen() to an int but also uses that
variable to hold negative values for another reason. In other cases,
an API is involved (e.g. SASL) that make changing potentially
dangerous. And lastly, some functions were just a bit too complicated
to risk introducing a bug.
Diffstat (limited to 'init.c')
| -rw-r--r-- | init.c | 8 |
1 files changed, 5 insertions, 3 deletions
@@ -1195,7 +1195,7 @@ static int parse_attach_list (BUFFER *buf, BUFFER *s, LIST **ldata, BUFFER *err) LIST *listp, *lastp; char *p; char *tmpminor; - int len; + size_t len; int ret; /* Find the last item in the list that data points to. */ @@ -2111,7 +2111,8 @@ void mutt_envlist_set (const char *name, const char *value, int overwrite) { char **envp = envlist; char work[LONG_STRING]; - int count, len; + int count; + size_t len; len = mutt_strlen (name); @@ -2147,7 +2148,8 @@ void mutt_envlist_set (const char *name, const char *value, int overwrite) static int parse_setenv(BUFFER *tmp, BUFFER *s, union pointer_long_t udata, BUFFER *err) { - int query, unset, len; + int query, unset; + size_t len; char *name, **save, **envp = envlist; int count = 0; long data = udata.l; |