pan: fix potential overrun in tag_report

char *cuts_info[5]; ... while (tok_num < 5 && (cuts_info[++tok_num] = strtok(NULL, "\t ")) != NULL) ; While above can run for tok_num == 4, in which case: cuts_info[++tok_num] becomes cuts_info[5] and that is outside of cuts_info array. Signed-off-by: Jan Stancek <jstancek@redhat.com> Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
author: Jan Stancek <jstancek@redhat.com> 2013-03-21 16:08:26 +0100
committer: Wanlong Gao <gaowanlong@cn.fujitsu.com> 2013-03-22 10:43:09 +0800
commit: f56e615d4b0b931a104c3daa0f4ed62a2c6a3e2c (patch)
tree: c5bd2a92aa2e942ccdc46c2c8aefee51c70ec051 /pan
parent: 575f9932699347440201d5ca6814cbe16cf35ac5 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/pan/tag_report.c b/pan/tag_report.c
index 473bed1d1..61caabd56 100644
--- a/pan/tag_report.c
+++ b/pan/tag_report.c
@@ -425,7 +425,7 @@ SYM tags;
 int cuts_testcase(tag, keys)
 SYM tag, keys;
 {
-	char *cuts_info[5];
+	char *cuts_info[6];
 	char key[KEYSIZE];
 	char *oldresult, *newresult, *worst_case();
 	int tok_num = 0;
author	Jan Stancek <jstancek@redhat.com>	2013-03-21 16:08:26 +0100
committer	Wanlong Gao <gaowanlong@cn.fujitsu.com>	2013-03-22 10:43:09 +0800
commit	f56e615d4b0b931a104c3daa0f4ed62a2c6a3e2c (patch)
tree	c5bd2a92aa2e942ccdc46c2c8aefee51c70ec051 /pan
parent	575f9932699347440201d5ca6814cbe16cf35ac5 (diff)