From: Erwan Velu Date: Thu, 5 Nov 2009 16:39:20 +0000 (+0100) Subject: hdt: Prevent auto mode from using empty commands X-Git-Tag: syslinux-3.84-pre1~14 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=4cedaeb54b19d8560b19aac25e86cf1d52fdc606;p=platform%2Fupstream%2Fsyslinux.git hdt: Prevent auto mode from using empty commands Impact: prevent running stupid commands The code didn't prevents from executing stupid "'" commands --- diff --git a/com32/hdt/hdt-cli.c b/com32/hdt/hdt-cli.c index f395260..fdb10e4 100644 --- a/com32/hdt/hdt-cli.c +++ b/com32/hdt/hdt-cli.c @@ -763,7 +763,7 @@ void start_auto_mode(struct s_hardware *hardware) /* Searching & saving all commands */ mypch = strtok (temp,AUTO_SEPARATOR); while (mypch != NULL) { - if (strlen(remove_spaces(mypch))>0) { + if ((strlen(remove_spaces(mypch))>0) && (remove_spaces(mypch)[0] !='\'')) { nb_commands++; if ((commands[nb_commands]=malloc(AUTO_COMMAND_SIZE)) != NULL) { sprintf(commands[nb_commands],"%s",remove_spaces(mypch));