From d278f381d28f6a4ebc82f4f7ea838961ebb466a3 Mon Sep 17 00:00:00 2001
From: Ben Chan <benchan@chromium.org>
Date: Thu, 13 Feb 2014 13:10:17 -0800
Subject: tests: fix array bound checks in process_next_command

This patch fixes the out-of-bounds array accesses in test-port-context.c,
which is detected by AddressSanitizer, by checking the index against the
array length before accessing the array.
---
 plugins/tests/test-port-context.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'plugins/tests/test-port-context.c')

diff --git a/plugins/tests/test-port-context.c b/plugins/tests/test-port-context.c
index aad359e8..cbf202f0 100644
--- a/plugins/tests/test-port-context.c
+++ b/plugins/tests/test-port-context.c
@@ -100,13 +100,13 @@ process_next_command (TestPortContext *ctx,
     static const gchar *error_response = "\r\nERROR\r\n";
 
     /* Find command end */
-    while (buffer->data[i] != '\r' && buffer->data[i] != '\n' && i < buffer->len)
+    while (i < buffer->len && buffer->data[i] != '\r' && buffer->data[i] != '\n')
         i++;
     if (i ==  buffer->len)
         /* no command */
         return NULL;
 
-    while ((buffer->data[i] == '\r' || buffer->data[i] == '\n') && i < buffer->len)
+    while (i < buffer->len && (buffer->data[i] == '\r' || buffer->data[i] == '\n'))
         buffer->data[i++] = '\0';
 
     /* Setup command and lookup response */
-- 
cgit v1.2.3-70-g09d2