Browse code
Correctly validated ping interval.
Ping interval was not validated properly, causing a crash when the colon
separator was not present between attempts and interval. This was present
in clamonacc, as well as clamdscan.
Andy Ragusa authored on 2020/08/14 06:33:22Showing 2 changed files
| ... | ... |
@@ -193,7 +193,7 @@ int16_t ping_clamd(const struct optstruct *opts) |
| 193 | 193 |
goto done; |
| 194 | 194 |
} |
| 195 | 195 |
interval_str = strchr(attempt_str, ':'); |
| 196 |
- if (interval_str[0] != '\0') {
|
|
| 196 |
+ if ((NULL != interval_str) && (interval_str[0] != '\0')) {
|
|
| 197 | 197 |
interval_str[0] = '\0'; |
| 198 | 198 |
interval_str++; |
| 199 | 199 |
interval = cli_strntoul(interval_str, strlen(interval_str), &errchk, 10); |
| ... | ... |
@@ -209,7 +209,7 @@ int16_t onas_ping_clamd(struct onas_context **ctx) |
| 209 | 209 |
goto done; |
| 210 | 210 |
} |
| 211 | 211 |
interval_str = strchr(attempt_str, ':'); |
| 212 |
- if (interval_str[0] != '\0') {
|
|
| 212 |
+ if ((NULL != interval_str) && (interval_str[0] != '\0')) {
|
|
| 213 | 213 |
interval_str[0] = '\0'; |
| 214 | 214 |
interval_str++; |
| 215 | 215 |
interval = cli_strntoul(interval_str, strlen(interval_str), &errchk, 10); |