Skip to content

M
mpd
Commit a6bb3cf6 authored by Max Kellermann's avatar Max Kellermann
Browse files
Options

command/queue: use StringIsEqual() instead of memcmp()

memcmp() can overflow the buffer.
parent 004da5d3
Show whitespace changes
Inline Side-by-side
Showing with 2 additions and 1 deletion
src/command/QueueCommands.cxx
View file @ a6bb3cf6
...@@ -34,6 +34,7 @@ ...@@ -34,6 +34,7 @@
#include "Partition.hxx" #include "Partition.hxx"
#include "BulkEdit.hxx" #include "BulkEdit.hxx"
#include "util/ConstBuffer.hxx" #include "util/ConstBuffer.hxx"
#include "util/StringAPI.hxx"
#include "util/UriUtil.hxx" #include "util/UriUtil.hxx"
#include "util/NumberParser.hxx" #include "util/NumberParser.hxx"
#include "util/Error.hxx" #include "util/Error.hxx"
...@@ -85,7 +86,7 @@ CommandResult ...@@ -85,7 +86,7 @@ CommandResult
handle_add(Client &client, Request args, Response &r) handle_add(Client &client, Request args, Response &r)
{ {
const char *uri = args.front(); const char *uri = args.front();
if (memcmp(uri, "/", 2) == 0) if (StringIsEqual(uri, "/"))
/* this URI is malformed, but some clients are buggy /* this URI is malformed, but some clients are buggy
and use "add /" to add the whole database, which and use "add /" to add the whole database, which
was never intended to work, but once did; in order was never intended to work, but once did; in order
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment