From 6b9d4569dd64701599f30fbbdd4bd02febeff57c Mon Sep 17 00:00:00 2001
From: Markus Uhlin <markus@nifty-networks.net>
Date: Sat, 28 Mar 2026 09:54:51 +0100
Subject: Casted enum to int and added array index bounds checking

---
 FICS/lists.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

(limited to 'FICS/lists.c')

diff --git a/FICS/lists.c b/FICS/lists.c
index f88d24d..753bc67 100644
--- a/FICS/lists.c
+++ b/FICS/lists.c
@@ -507,10 +507,18 @@ com_showlist(int p, param_list param)
 		pprintf(p, "Lists:\n\n");
 
 		for (i = 0; ListArray[i].name != NULL; i++) {
-			if ((rights = ListArray[i].rights) > P_ADMIN ||
+			// XXX: casting enum to int
+			if ((rights = (int)ListArray[i].rights) > P_ADMIN ||
 			    parray[p].adminLevel >= ADMIN_ADMIN) {
-				pprintf(p, "%-20s is %s\n", ListArray[i].name,
-				    rightnames[rights]);
+				if (rights < 0 ||
+				    (size_t)rights >= ARRAY_SIZE(rightnames)) {
+					warnx("%s: out-of-bounds array index "
+					    "detected", __func__);
+				} else {
+					pprintf(p, "%-20s is %s\n",
+					    ListArray[i].name,
+					    rightnames[rights]);
+				}
 			}
 		}
 	} else { // find match in index
-- 
cgit v1.2.3