projects / mesa.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9e98c1f)
progs/demos: Bounds check input to fire.c.
authorVinson Lee <vlee@vmware.com>
Sun, 10 Jan 2010 08:40:46 +0000 (00:40 -0800)
committerVinson Lee <vlee@vmware.com>
Sun, 10 Jan 2010 08:40:46 +0000 (00:40 -0800)
progs/demos/fire.c patch | blob | history

diff --git a/progs/demos/fire.c b/progs/demos/fire.c
index f30b893dbf38d7e1a0964266567899e16a65ad5e..475582c81baa2a509fc146551531c475136e6164 100644 (file)
--- a/progs/demos/fire.c
+++ b/progs/demos/fire.c
@@ -726,8 +726,13 @@ main(int ac, char **av)
 
    maxage = 1.0 / dt;
 
-   if (ac == 2)
+   if (ac == 2) {
       np = atoi(av[1]);
+      if (np <= 0 || np > 1000000) {
+         fprintf(stderr, "Invalid input.\n");
+         exit(-1);
+      }
+   }
 
    if (ac == 4) {
       WIDTH = atoi(av[2]);
@@ -762,6 +767,7 @@ main(int ac, char **av)
 
    assert(np > 0);
    p = (part *) malloc(sizeof(part) * np);
+   assert(p);
 
    for (i = 0; i < np; i++)
       setnewpart(&p[i]);