Fix misuse of ef_cadef(EF_BAD)
ef_elt_by_name(), xdprval_sym() and symval() checked whether a file
type T is a symbol table by comparing ef_cadef(T) to symbol_ca, even
though T may be EF_BAD. Before commit 50cfdcb5, ef_cadef(EF_BAD)
accessed empfile[] out of bounds, which could conceivably crash or
somehow happen to yield symbol_ca. Since then, it oopses and returns
null.
Fix by testing the file type before calling ef_cadef().
This commit is contained in:
parent
50cfdcb5a7
commit
d929aa8b82
3 changed files with 7 additions and 4 deletions
|
|
@ -63,6 +63,7 @@ sct_typematch(char *name)
|
|||
|
||||
/*
|
||||
* Search table TYPE for an element matching NAME, return its index.
|
||||
* Accepts EF_BAD, but of course never finds anything then.
|
||||
* Return M_NOTFOUND if there are no matches, M_NOTUNIQUE if there are
|
||||
* several.
|
||||
*/
|
||||
|
|
@ -70,6 +71,8 @@ int
|
|||
ef_elt_byname(int type, char *name)
|
||||
{
|
||||
switch (type) {
|
||||
case EF_BAD:
|
||||
return M_NOTFOUND;
|
||||
case EF_NATION:
|
||||
return cnumb(name);
|
||||
case EF_SECTOR_CHR:
|
||||
|
|
|
|||
|
|
@ -197,10 +197,10 @@ xdprsym(struct xdstr *xd, int key, int type, char *sep)
|
|||
* CA describes the field from which the value was fetched.
|
||||
*/
|
||||
static char *
|
||||
xdprval_sym(struct xdstr *xd, struct valstr *val, struct castr *ca, char *sep)
|
||||
xdprval_sym(struct xdstr *xd, struct valstr *val, struct castr *ca,
|
||||
char *sep)
|
||||
{
|
||||
unsigned long bit;
|
||||
struct castr *ca_sym = ef_cadef(ca->ca_table);
|
||||
|
||||
if (CANT_HAPPEN(val->val_cat != NSC_VAL)) {
|
||||
xd->pr("%snil", sep);
|
||||
|
|
@ -208,7 +208,7 @@ xdprval_sym(struct xdstr *xd, struct valstr *val, struct castr *ca, char *sep)
|
|||
}
|
||||
|
||||
if (!xd->human || val->val_type != NSC_LONG
|
||||
|| ca->ca_table == EF_BAD || ca_sym != symbol_ca)
|
||||
|| ca->ca_table == EF_BAD || ef_cadef(ca->ca_table) != symbol_ca)
|
||||
return xdprval_nosym(xd, val, sep);
|
||||
|
||||
if (ca->ca_flags & NSC_BITS) {
|
||||
|
|
|
|||
|
|
@ -671,7 +671,7 @@ symval(struct castr *ca, int i)
|
|||
{
|
||||
int type = ca->ca_table;
|
||||
|
||||
if (ef_cadef(type) == symbol_ca)
|
||||
if (type != EF_BAD && ef_cadef(type) == symbol_ca)
|
||||
/* symbol table, value is in the table */
|
||||
return ((struct symbol *)ef_ptr(type, i))->value;
|
||||
/* value is the table index */
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue