From 4f38e9f24971762540da9d5457dfa9e5e03d53ee Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering@redhat.com>
Date: Fri, 30 Sep 2011 20:13:01 +0200
Subject: ls: avoid reading beyond end of color indicator

At first this looked like a buffer overrun, since there was no test
to ensure that the buffer length was 6.  However, since the LS_COLORS
string is NUL-terminated and since settings within it are separated by
":" there was neither the risk of reading beyond end of buffer nor risk
of a false-positive match.
* src/ls.c (print_color_indicator): Use color_symlink_as_referent
rather than manually comparing against "target" again.
* src/system.h (STRNCMP_LIT): Correct description in comment.
---
 src/ls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/ls.c')

diff --git a/src/ls.c b/src/ls.c
index 680a7c315..c1b19188c 100644
--- a/src/ls.c
+++ b/src/ls.c
@@ -4204,7 +4204,7 @@ print_color_indicator (const struct fileinfo *f, bool symlink_target)
         }
       else if (S_ISLNK (mode))
         type = ((!linkok
-                 && (!STRNCMP_LIT (color_indicator[C_LINK].string, "target")
+                 && (color_symlink_as_referent
                      || color_indicator[C_ORPHAN].string))
                 ? C_ORPHAN : C_LINK);
       else if (S_ISFIFO (mode))
-- 
cgit v1.2.3-54-g00ecf