cmdline: check size of result buffer to avoid overflow

[libcmdline.git] / src / lib / cmdline_parse_string.c

diff --git a/src/lib/cmdline_parse_string.c b/src/lib/cmdline_parse_string.c
index 775024c..1b9fdb8 100644 (file)
--- a/src/lib/cmdline_parse_string.c
+++ b/src/lib/cmdline_parse_string.c
@@ -127,12 +127,16 @@ static int parse_fixed_string(struct cmdline_token_string_data *sd,
 }
 
 int
-cmdline_parse_string(cmdline_parse_token_hdr_t *tk, const char *buf, void *res)
+cmdline_parse_string(cmdline_parse_token_hdr_t *tk, const char *buf, void *res,
+                    unsigned ressize)
 {
        struct cmdline_token_string *tk2 = (struct cmdline_token_string *)tk;
        struct cmdline_token_string_data *sd = &tk2->string_data;;
        unsigned int token_len;
 
+       if (res && ressize < STR_TOKEN_SIZE)
+               return -1;
+
        token_len = strlen(buf);
 
        if (token_len >= (STR_TOKEN_SIZE - 1) || token_len == 0)