mirrors/ipmitool
1
0
Fork 0
mirror of https://github.com/ipmitool/ipmitool.git synced 2026-01-22 14:22:19 +08:00
Code Issues Packages Projects Releases 2 Wiki Activity

Fix eval logic in ipmi_user_priv()

Browse Source 
Commit fixes bug in eval logic of user input sanitization, resp. && -> ||. Also,
priv_level and user_id variables are initialized to 0 now(CID#1261318).
This commit is contained in:
Zdenek Styblik 2014-12-30 15:33:05 +01:00
parent 48117f5ddf
commit c97dbd3461
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/ipmi_user.c
View File

@ -629,9 +629,9 @@ ipmi_user_test(struct ipmi_intf *intf, int argc, char **argv)
int int
ipmi_user_priv(struct ipmi_intf *intf, int argc, char **argv) ipmi_user_priv(struct ipmi_intf *intf, int argc, char **argv)
{ {
uint8_t user_id;
uint8_t priv_level;
uint8_t channel = 0x0e; /* Use channel running on */ uint8_t channel = 0x0e; /* Use channel running on */
uint8_t priv_level = 0;
uint8_t user_id = 0;
if (argc != 3 && argc != 4) { if (argc != 3 && argc != 4) {
print_user_usage(); print_user_usage();
@ -644,7 +644,7 @@ ipmi_user_priv(struct ipmi_intf *intf, int argc, char **argv)
channel = (channel & 0x0f); channel = (channel & 0x0f);
} }
if (is_ipmi_user_priv_limit(argv[2], &priv_level) != 0 if (is_ipmi_user_priv_limit(argv[2], &priv_level) != 0
&& is_ipmi_user_id(argv[1], &user_id)) { || is_ipmi_user_id(argv[1], &user_id) != 0) {
return (-1); return (-1);
} }
priv_level = (priv_level & 0x0f); priv_level = (priv_level & 0x0f);