diff options
| author | kcwu <kcwu@63ad8ddf-47c3-0310-b6dd-a9e9d9715204> | 2006-04-08 22:58:06 +0800 |
|---|---|---|
| committer | kcwu <kcwu@63ad8ddf-47c3-0310-b6dd-a9e9d9715204> | 2006-04-08 22:58:06 +0800 |
| commit | 4e8a2c25129260c61df345f15715d75c715cb92c (patch) | |
| tree | 9056598d7d2db1fe74cbe22fcabf047148c00e03 /mbbsd/admin.c | |
| parent | 55e87717eb4ab1efdcba4d2622c1c98c71f871e3 (diff) | |
| download | pttbbs-4e8a2c25129260c61df345f15715d75c715cb92c.tar pttbbs-4e8a2c25129260c61df345f15715d75c715cb92c.tar.gz pttbbs-4e8a2c25129260c61df345f15715d75c715cb92c.tar.bz2 pttbbs-4e8a2c25129260c61df345f15715d75c715cb92c.tar.lz pttbbs-4e8a2c25129260c61df345f15715d75c715cb92c.tar.xz pttbbs-4e8a2c25129260c61df345f15715d75c715cb92c.tar.zst pttbbs-4e8a2c25129260c61df345f15715d75c715cb92c.zip | |
add a lot of assertions to ensure bid is in correct range when access via bid.
git-svn-id: http://opensvn.csie.org/pttbbs/trunk/pttbbs@3341 63ad8ddf-47c3-0310-b6dd-a9e9d9715204
Diffstat (limited to 'mbbsd/admin.c')
| -rw-r--r-- | mbbsd/admin.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/mbbsd/admin.c b/mbbsd/admin.c index d4336052..c75c8ef0 100644 --- a/mbbsd/admin.c +++ b/mbbsd/admin.c @@ -339,6 +339,7 @@ setup_man(const boardheader_t * board, const boardheader_t * oldboard) void delete_symbolic_link(boardheader_t *bh, int bid) { + assert(0<=bid-1 && bid-1<MAX_BOARD); memset(bh, 0, sizeof(boardheader_t)); substitute_record(fn_board, bh, sizeof(boardheader_t), bid); reset_board(bid); @@ -417,6 +418,7 @@ m_mod_board(char *bname) vmsg(err_bid); return -1; } + assert(0<=bid-1 && bid-1<MAX_BOARD); prints("看板名稱:%s\n看板說明:%s\n看板bid:%d\n看板GID:%d\n" "板主名單:%s", bh.brdname, bh.title, bid, bh.gid, bh.BM); bperm_msg(&bh); @@ -482,6 +484,7 @@ m_mod_board(char *bname) prints("看板 %s 原來的 BVote:%d", bh.brdname, bh.bvote); getdata_str(21, 0, "新的 Bvote:", genbuf, 5, LCECHO, bvotebuf); newbh.bvote = atoi(genbuf); + assert(0<=bid-1 && bid-1<MAX_BOARD); substitute_record(fn_board, &newbh, sizeof(newbh), bid); reset_board(bid); log_usies("SetBoardBvote", newbh.brdname); @@ -498,6 +501,7 @@ m_mod_board(char *bname) newbh.brdattr = newbh.brdattr & (!BRD_BAD); else newbh.brdattr = newbh.brdattr | BRD_BAD; + assert(0<=bid-1 && bid-1<MAX_BOARD); substitute_record(fn_board, &newbh, sizeof(newbh), bid); reset_board(bid); log_usies("ViolateLawSet", newbh.brdname); @@ -525,6 +529,7 @@ m_mod_board(char *bname) snprintf(bh.title, sizeof(bh.title), " %s 看板 %s 刪除", bname, cuser.userid); post_msg("Security", bh.title, "請注意刪除的合法性", "[系統安全局]"); + assert(0<=bid-1 && bid-1<MAX_BOARD); substitute_record(fn_board, &bh, sizeof(bh), bid); reset_board(bid); sort_bcache(); @@ -637,6 +642,7 @@ m_mod_board(char *bname) Rename(src, tar); } setup_man(&newbh, &bh); + assert(0<=bid-1 && bid-1<MAX_BOARD); substitute_record(fn_board, &newbh, sizeof(newbh), bid); reset_board(bid); sort_bcache(); @@ -815,6 +821,7 @@ static int add_board_record(const boardheader_t *board) { int bid; if ((bid = getbnum("")) > 0) { + assert(0<=bid-1 && bid-1<MAX_BOARD); substitute_record(fn_board, board, sizeof(boardheader_t), bid); reset_board(bid); sort_bcache(); @@ -952,6 +959,7 @@ int make_symbolic_link(const char *bname, int gid) bid = getbnum(bname); if(bid==0) return -1; + assert(0<=bid-1 && bid-1<MAX_BOARD); memset(&newboard, 0, sizeof(newboard)); /* |