emo/procps
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

Possible segfault in file2strvec introduced by latest CVE fix

Browse Source 
'rbuf' used before allocated.
Revealed by static analysis

References:
 commit 36e066df52eedf147a51e4cf3a86fd13748d6f79

Signed-off-by: Craig Small <csmall@enc.com.au>
This commit is contained in:
Jan Rybar 2018-08-08 20:06:57 +10:00 committed by Craig Small
parent 16bd4cd5aa
commit 7febddabd8
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
proc/readproc.c
View File

@ -744,7 +744,8 @@ static char** file2strvec(const char* directory, const char* what) {
#undef ARG_LEN #undef ARG_LEN
if (end_of_file && if (end_of_file &&
((n > 0 && buf[n-1] != '\0') || /* last read char not null */ ((n > 0 && buf[n-1] != '\0') || /* last read char not null */
(n <= 0 && rbuf[tot-1] != '\0'))) /* last read char not null */ (n <= 0 && rbuf && rbuf[tot-1] != '\0'))) /* last read char not null */
buf[n++] = '\0'; /* so append null-terminator */ buf[n++] = '\0'; /* so append null-terminator */
if (n <= 0) break; /* unneeded (end_of_file = 1) but avoid realloc */ if (n <= 0) break; /* unneeded (end_of_file = 1) but avoid realloc */