emo/sysvinit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Changed the way the "when" variable is used internally in shutdown.c.

Browse Source 
It starts as a NULL pointer, then might get set as a pointer to optarg,
then it might get set to point to an argv parameter, then it might have
a string value copied into it, over-writing the original data. We should
not risk over-writing internal variables which might get used for something
else (it's rude and security risk). Set up "when" as its own buffer
that has data from optargs and/or argv copied into it.

Minor code fixes across multiple source files to avoid buffer
overflows, or uninitialized strings.
This commit is contained in:
Jesse Smith
2019-01-27 15:55:08 -04:00
parent 43b5c64126
commit 483dc777d2
6 changed files with 52 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/logsave.c
View File

@ -282,7 +282,7 @@ int main(int argc, char **argv)
outfn = argv[optind];
optind++;
argv += optind;
argc -= optind;
/* argc -= optind; - this is not used */
outfd = open(outfn, openflags, 0644);
do_stdin = !strcmp(argv[0], "-");