fix potential out of bounds pointer deref

I noticed that if find_first_wholeword() is called with word at the very beginning of p, we will deref *(p - 1) to see if it is a word boundary. Fix by considering p = p0 to be a word boundary. Signed-off-by: Dwight Engen <dwight.engen@oracle.com> Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

fix potential out of bounds pointer deref
3327917f · Dwight Engen · Serge Hallyn · 9313e1e6 · 3327917f
Commit 3327917f authored Jul 09, 2013 by Dwight Engen Committed by Serge Hallyn Jul 10, 2013
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 2 deletions

lxccontainer.c src/lxc/lxccontainer.c +5 -2

No files found.
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -1534,13 +1534,16 @@ static int is_word_sep(char c)
 	}
 }
-static const char *find_first_wholeword(const char *p, const char *word)
+static const char *find_first_wholeword(const char *p0, const char *word)
 {
+	const char *p = p0;
 	if (!p)
 		return NULL;
 	while ((p = strstr(p, word)) != NULL) {
-		if (is_word_sep(*(p-1)) && is_word_sep(p[strlen(word)]))
+		if ((p == p0 || is_word_sep(*(p-1))) &&
+		    is_word_sep(p[strlen(word)]))
 			return p;
 		p++;
 	}