diff options
| author | Solomon Peachy <pizza@shaftnet.org> | 2020-04-18 10:23:26 -0400 |
|---|---|---|
| committer | Solomon Peachy <pizza@shaftnet.org> | 2020-07-21 02:20:26 +0000 |
| commit | bf546fbfcbf87f7ce44a36f8696ff5acd15f6817 (patch) | |
| tree | 877beedb82f1616a6e2aa1ca4fd93a95025ae104 | |
| parent | 5c30d57ad1391043d773e770b9014fb2fce9c500 (diff) | |
| download | rockbox-bf546fbfcbf87f7ce44a36f8696ff5acd15f6817.tar.gz rockbox-bf546fbfcbf87f7ce44a36f8696ff5acd15f6817.zip | |
Run-time validation of INT settings.
Check against min/max/step parameters
Many places this value is used as an index into an array; this will
help prevent array overflows and undefined/undesireable behavior.
Some fields accept arbitary values, continue to accept those.
Change-Id: Idbb5a17b7ceae5500660987703e2d6c16e920c92
| -rw-r--r-- | apps/settings.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/apps/settings.c b/apps/settings.c index 2841133957..32391a1f53 100644 --- a/apps/settings.c +++ b/apps/settings.c @@ -311,7 +311,13 @@ bool settings_load_config(const char* file, bool apply) #endif if (settings[i].cfg_vals == NULL) { - *(int*)settings[i].setting = atoi(value); + if (settings[i].flags&F_ALLOW_ARBITRARY_VALS || + (temp >= settings[i].int_setting->min && + temp <= settings[i].int_setting->max && + temp % settings[i].int_setting->step == 0)) + { + *(int*)settings[i].setting = atoi(value); + } } else { |