From 6fa6843a8d3ba9576a331c57818a5ecbe08a0f45 Mon Sep 17 00:00:00 2001
From: Patrick Georgi <patrick@georgi-clan.de>
Date: Sun, 3 Aug 2014 15:27:35 +0200
Subject: sconfig: improve argument parsing

Running sconfig with four arguments where the third
does not match /-./ made sconfig use uninitialized
memory to build the output filename.

Change-Id: If4a147ff23771ca9b6a913605af60249be1ca3d0
Found-By: Coverity Scan
Signed-off-by: Patrick Georgi <patrick@georgi-clan.de>
Reviewed-on: http://review.coreboot.org/6483
Tested-by: build bot (Jenkins)
Reviewed-by: Edward O'Callaghan <eocallaghan@alterapraxis.com>
---
 util/sconfig/main.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/util/sconfig/main.c b/util/sconfig/main.c
index c439951d0d..a37523c27d 100644
--- a/util/sconfig/main.c
+++ b/util/sconfig/main.c
@@ -570,7 +570,10 @@ int main(int argc, char** argv) {
 		scan_mode = STATIC_MODE;
 		outputc=malloc(strlen(outputdir)+20);
 		sprintf(outputc, "%s/static.c", outputdir);
-	} else if ((argc == 5) && (argv[3][0] == '-') && (argv[3][2] == 0)) {
+	} else if (argc == 5) {
+		if ((argv[3][0] != '-') || (argv[3][2] == 0)) {
+			usage();
+		}
 
 		switch (argv[3][1]) {
 		case 's':
-- 
cgit v1.2.3