equipment: sanitize 'ws_info' loop limits

Instead of a constant or a macro for the maximum number of 'ws_info' elements the 100 literal was used. Define MAX_WS_INFO in dive.h and use it everywhere. Also clamp loops that iterate `ws_info' to MAX_WS_INFO. Prevents potential out-of-bounds reading, similarly to the previous commit about 'tank_info'. Signed-off-by: Lubomir I. Ivanov <neolit123@gmail.com>
author: Lubomir I. Ivanov <neolit123@gmail.com> 2018-06-19 03:59:33 +0300
committer: Dirk Hohndel <dirk@hohndel.org> 2018-06-20 09:30:58 +0900
commit: 06a870c232513aca96a624535d648a6e7c098e5f (patch)
tree: e6ed0b467310dec2ccbf1e4c6b83d026564fc4cf /core/dive.h
parent: 769aca9e956cd4bb7cc97be813968348f5e7f3d2 (diff)
download: subsurface-06a870c232513aca96a624535d648a6e7c098e5f.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/core/dive.h b/core/dive.h
index 326dfe54b..3ab270261 100644
--- a/core/dive.h
+++ b/core/dive.h
@@ -275,6 +275,7 @@ struct divecomputer {
 #define MAX_CYLINDERS (20)
 #define MAX_WEIGHTSYSTEMS (6)
 #define MAX_TANK_INFO (100)
+#define MAX_WS_INFO (100)
 #define W_IDX_PRIMARY 0
 #define W_IDX_SECONDARY 1
 
@@ -944,7 +945,7 @@ struct ws_info_t {
 	const char *name;
 	int grams;
 };
-extern struct ws_info_t ws_info[100];
+extern struct ws_info_t ws_info[MAX_WS_INFO];
 
 extern bool cylinder_nodata(const cylinder_t *cyl);
 extern bool cylinder_none(void *_data);
author	Lubomir I. Ivanov <neolit123@gmail.com>	2018-06-19 03:59:33 +0300
committer	Dirk Hohndel <dirk@hohndel.org>	2018-06-20 09:30:58 +0900
commit	06a870c232513aca96a624535d648a6e7c098e5f (patch)
tree	e6ed0b467310dec2ccbf1e4c6b83d026564fc4cf /core/dive.h
parent	769aca9e956cd4bb7cc97be813968348f5e7f3d2 (diff)
download	subsurface-06a870c232513aca96a624535d648a6e7c098e5f.tar.gz