From f5556fec326d5ec149f676dbdfe3d408d3a8902e Mon Sep 17 00:00:00 2001 From: Mattias Andrée Date: Wed, 15 Nov 2017 22:35:36 +0100 Subject: Validate input given with -x is specified MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Mattias Andrée --- common.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/common.c b/common.c index 4fc2cce..8930d08 100644 --- a/common.c +++ b/common.c @@ -169,16 +169,21 @@ generalised_sum_fd_hex(int fd, libkeccak_state_t *restrict state, r = w = 0; while (r < (size_t)got) { c = chunk[r++]; - if (c <= ' ') - continue; - buf = (buf << 4) | ((c & 15) + (c > '9' ? 9 : 0)); - if ((even ^= 1)) - chunk[w++] = buf; + if (isxdigit(c)) { + buf = (buf << 4) | ((c & 15) + (c > '9' ? 9 : 0)); + if ((even ^= 1)) + chunk[w++] = buf; + } else if (!isspace(c)) { + user_error("file is malformated"); + } } if (libkeccak_fast_update(state, chunk, w) < 0) return -1; } + if (!even) + user_error("file is malformated"); + return libkeccak_fast_digest(state, NULL, 0, 0, suffix, hash); } -- cgit v1.2.3-70-g09d2