fix parsing vulnerability

2025-08-13 08:12:38 +10:00 · 2025-08-13 08:12:38 +10:00 · 4aab1431ed
commit 4aab1431ed
parent 81a2ea4414
1 changed files with 10 additions and 9 deletions
--- a/rdo.c
+++ b/rdo.c
@ -33,22 +33,23 @@ char* getpwhash(struct passwd* pw) {
 void getconf(FILE* fp, const char* entry, char* result, size_t len_result) {
    char* line = NULL;
    size_t len = 0;
+    size_t entry_len = strlen(entry);

    fseek(fp, 0, SEEK_SET);

    while (getline(&line, &len, fp) != -1) {
-        if (strncmp(entry, line, strlen(entry)) == 0) {
-            strtok(line, "=");
-            char* token = strtok(NULL, "=");
-            if (token) {
-                strncpy(result, token, len_result);
-                result[strcspn(result, "\n")] = 0;
-                free(line);
-                return;
-            }
+        if (strncmp(line, entry, entry_len) == 0 &&
+            (line[entry_len] == '=')) {
+            char* value = line + entry_len + 1;
+            value[strcspn(value, "\n")] = 0;
+            strncpy(result, value, len_result);
+            result[len_result - 1] = '\0';
+            free(line);
+            return;
        }
    }

+    free(line);
    errx(1, "Could not get '%s' entry in config", entry);
 }