From: Sanjeev Kumar Date: Wed, 7 Sep 2016 07:07:34 +0000 (+0530) Subject: Adding validation condition for underflow and overflow of int "section_number" used... X-Git-Tag: submit/tizen/20160926.083253~2 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F56%2F87256%2F3;p=platform%2Fcore%2Fuifw%2Fe-mod-tizen-keyrouter.git Adding validation condition for underflow and overflow of int "section_number" used as array index. Change-Id: I37e40c4cd61fbb4a5aba3466baa5efcdf3caf84b Signed-off-by: Sanjeev Kumar --- diff --git a/src/e_mod_keyrouter_combination.c b/src/e_mod_keyrouter_combination.c index 2842735..0e4dfcc 100644 --- a/src/e_mod_keyrouter_combination.c +++ b/src/e_mod_keyrouter_combination.c @@ -24,6 +24,7 @@ #define DBUS_IFACE "keyrouter.dbus.Signal" #define DBUS_MSG_NAME "KEY_COMBINATION" #define COMBINATION_TIME_OUT 4000 +#define MAX_SUPPORTED_COMBINATION 255 #define MATCH(s, n) strcmp(section, s) == 0 && strcmp(name, n) == 0 typedef unsigned long Time; @@ -145,9 +146,9 @@ _e_keyrouter_parse_ini_config(void* user, const char* section, const char* name, section_number = atoi(c_num); free(c_num); free(dup); - if (section_number == 0) + if (section_number <= 0 || section_number > MAX_SUPPORTED_COMBINATION) { - KLWRN("\n^[[36m Unable to read config. section_number is 0. ^[[0m\n"); + KLWRN("\n^[[36m Unable to read config. section_number is invalid. ^[[0m\n"); return -1; } section_number--;