[PATCH] rsh.c unterminated string
The change I made to rsh.c would leave the string unterminated under certain conditions, which unfortunately always applied! This patch fixes this. For some reason this never bit on i386 or ppc, but bit me on x86-64. Fix situation where the buffer was not properly null-terminated. Signed-off-by: H. Peter Anvin <hpa@zytor.com> Signed-off-by: Junio C Hamano <junkio@cox.net>
This commit is contained in:
parent
628cd5430f
commit
e433b071fe
10
rsh.c
10
rsh.c
@ -53,6 +53,7 @@ static int add_to_string(char **ptrp, int *sizep, const char *str, int quote)
|
|||||||
char *p = *ptrp;
|
char *p = *ptrp;
|
||||||
int size = *sizep;
|
int size = *sizep;
|
||||||
int oc;
|
int oc;
|
||||||
|
int err = 0;
|
||||||
|
|
||||||
if ( quote ) {
|
if ( quote ) {
|
||||||
oc = shell_quote(p, size, str);
|
oc = shell_quote(p, size, str);
|
||||||
@ -62,15 +63,14 @@ static int add_to_string(char **ptrp, int *sizep, const char *str, int quote)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if ( oc >= size ) {
|
if ( oc >= size ) {
|
||||||
p[size-1] = '\0';
|
err = 1;
|
||||||
*ptrp += size-1;
|
oc = size-1;
|
||||||
*sizep = 1;
|
|
||||||
return 1; /* Overflow, string unusable */
|
|
||||||
}
|
}
|
||||||
|
|
||||||
*ptrp += oc;
|
*ptrp += oc;
|
||||||
|
**ptrp = '\0';
|
||||||
*sizep -= oc;
|
*sizep -= oc;
|
||||||
return 0;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
int setup_connection(int *fd_in, int *fd_out, const char *remote_prog,
|
int setup_connection(int *fd_in, int *fd_out, const char *remote_prog,
|
||||||
|
Loading…
Reference in New Issue
Block a user