[CVS] RPM: rpm-5_4: rpm/rpmio/ argv.c

Mon, 16 Feb 2015 13:38:22 -0800 

  RPM Package Manager, CVS Repository
  http://rpm5.org/cvs/
  ____________________________________________________________________________

  Server: rpm5.org                         Name:   Jeff Johnson
  Root:   /v/rpm/cvs                       Email:  j...@rpm5.org
  Module: rpm                              Date:   16-Feb-2015 22:36:16
  Branch: rpm-5_4                          Handle: 2015021621361600

  Modified files:           (Branch: rpm-5_4)
    rpm/rpmio               argv.c

  Log:
    - argv: fix: rewrite to avoid a buffer underflow (clang
    -fsanitize:address).

  Summary:
    Revision    Changes     Path
    1.20.4.4    +2  -3      rpm/rpmio/argv.c
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: rpm/rpmio/argv.c
  ============================================================================
  $ cvs diff -u -r1.20.4.3 -r1.20.4.4 argv.c
  --- rpm/rpmio/argv.c  29 Aug 2014 17:27:53 -0000      1.20.4.3
  +++ rpm/rpmio/argv.c  16 Feb 2015 21:36:16 -0000      1.20.4.4
  @@ -314,9 +314,8 @@
       while (!rc && (b = fgets(buf, (int)sizeof(buf), fp)) != NULL) {
        buf[sizeof(buf)-1] = '\0';
        be = b + strlen(buf);
  -     if (be > b) be--;
  -     while (strchr("\r\n", *be) != NULL)
  -         *be-- = '\0';
  +     while (--be >= b && strchr("\r\n", *be) != NULL)
  +         *be = '\0';
        rc = argvAdd(&av, b);
       }
   
  @@ .
______________________________________________________________________
RPM Package Manager                                    http://rpm5.org
CVS Sources Repository                                rpm-cvs@rpm5.org

Reply via email to