From b3c3dbff0e023132684879ad1d2c7f5727b29475 Mon Sep 17 00:00:00 2001
From: Sunmin Lee <sunm.lee@samsung.com>
Date: Wed, 28 Dec 2016 10:20:32 +0900
Subject: [PATCH] Fix vulnerability

Check range of signo before use it

Change-Id: Icae63a7185a897ba6688b45715b208c2d92df1b7
Signed-off-by: Sunmin Lee <sunm.lee@samsung.com>
---
 src/crash-stack/crash-stack.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/crash-stack/crash-stack.c b/src/crash-stack/crash-stack.c
index 250e780..7471e86 100644
--- a/src/crash-stack/crash-stack.c
+++ b/src/crash-stack/crash-stack.c
@@ -454,9 +454,14 @@ static void __crash_stack_print_signal(int signo)
 		[SIGTTIN]="SIGTTIN", [SIGTTOU]="SIGTTOU", [SIGURG]="SIGURG",
 		[SIGXCPU]="SIGXCPU", [SIGXFSZ]="SIGXFSZ", [SIGVTALRM]="SIGVTALRM",
 		[SIGPROF]="SIGPROF", [SIGWINCH]="SIGWINCH", [SIGIO]="SIGIO",
-		[SIGPWR]="SIGPWR", [SIGSYS]="SIGSYS", [SIGUNUSED]="SIGUNUSED",
+		[SIGPWR]="SIGPWR", [SIGSYS]="SIGSYS", /* [SIGUNUSED]="SIGUNUSED", */
 	};
 
+	if (SIGHUP > signo || signo > SIGSYS) {
+		fprintf(errfile, "Invalid signal number: %d\n", signo);
+		return;
+	}
+
 	printf("Signal: %d\n"
 	       "\t(%s)\n",
 	       signo,
-- 
2.7.4