From 60d87af129d7be6fe6a73362c7144d47aa98fe2c Mon Sep 17 00:00:00 2001
From: piaip <piaip@63ad8ddf-47c3-0310-b6dd-a9e9d9715204>
Date: Tue, 2 Jun 2009 15:22:38 +0000
Subject: the 'D' command on hot boards (using safe_delete) must check valid
 range (reported by YTDoctor@ptt)

git-svn-id: http://opensvn.csie.org/pttbbs/trunk/pttbbs@4489 63ad8ddf-47c3-0310-b6dd-a9e9d9715204
---
 mbbsd/record.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/mbbsd/record.c b/mbbsd/record.c
index 83bafe76..7e6206e8 100644
--- a/mbbsd/record.c
+++ b/mbbsd/record.c
@@ -300,7 +300,9 @@ safe_article_delete_range(const char *direct, int from, int to)
 	lseek(fd, sizeof(fileheader_t) * (from - 1), SEEK_SET) != -1 ){
 
 	for( ; from <= to ; ++from ){
-	    read(fd, &newfhdr, sizeof(fileheader_t));
+	    // the (from, to) range may be invalid...
+	    if (read(fd, &newfhdr, sizeof(fileheader_t)) != sizeof(fileheader_t))
+		break;
 	    if( newfhdr.filemode & (FILE_MARKED | FILE_DIGEST) )
 		continue;
 	    if(newfhdr.filename[0]=='L') newfhdr.filename[0]='M';
-- 
cgit v1.2.3