Bounds check first.
authorEmil Mikulic <emikulic@gmail.com>
Tue, 21 Aug 2018 15:14:17 +0000 (01:14 +1000)
committerEmil Mikulic <emikulic@gmail.com>
Sun, 9 Dec 2018 11:40:29 +0000 (22:40 +1100)
Found with: cppcheck

darkhttpd.c

index 1c5eff5..951d689 100644 (file)
@@ -1575,7 +1575,7 @@ static void parse_range_field(struct connection *conn) {
         /* parse number up to hyphen */
         bound1 = 0;
         for (bound2=0;
-            isdigit((int)range[bound2]) && (bound2 < len);
+            (bound2 < len) && isdigit((int)range[bound2]);
             bound2++)
                 ;
 
@@ -1590,7 +1590,7 @@ static void parse_range_field(struct connection *conn) {
         /* parse number after hyphen */
         bound2++;
         for (bound1=bound2;
-            isdigit((int)range[bound2]) && (bound2 < len);
+            (bound2 < len) && isdigit((int)range[bound2]);
             bound2++)
                 ;