From 30f509686d8abc2ffd7fe34401d00cf7a86d8ea9 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Rafa=C5=82=20Mi=C5=82ecki?= Date: Sun, 9 Dec 2018 14:22:17 +0100 Subject: [PATCH] block: validate amount of arguments for the "autofs" command MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Using argv[3] without checking argc value could result in undefined behavior. It could result in a crash or accessing a NULL that separates argv from envp on UNIX. Signed-off-by: Rafał Miłecki Acked-by: John Crispin --- block.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/block.c b/block.c index 46050b4..a0bbf47 100644 --- a/block.c +++ b/block.c @@ -1157,6 +1157,10 @@ static int main_autofs(int argc, char **argv) } return 0; } + + if (argc < 4) + return -EINVAL; + return mount_action(argv[2], argv[3], TYPE_AUTOFS); } -- 2.30.2