gryf/wmaker
1
0
Fork 0
mirror of https://github.com/gryf/wmaker.git synced 2025-12-20 21:08:08 +01:00
Code Issues Projects Releases Wiki Activity

WUtil: fix undefined behaviour with $VARS in wexpandpath (Coverity #50244)

Browse Source 
As reported by coverity, calling 'wexpandpath' with a path that contains
either '$()', '$(\0' or '$\0' would cause an undefined behaviour because
the 'buffer2' would be uninitialised.

Signed-off-by: Christophe CURIS <christophe.curis@free.fr>
This commit is contained in:
Christophe CURIS
2014-05-18 00:56:44 +02:00
committed by Carlos R. Mafra
parent a72c166b6e
commit c5f103984a
1 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
WINGs/findfile.c
View File

@@ -138,17 +138,19 @@ char *wexpandpath(const char *path)
char *tmp; char *tmp;
if (*path == '$') { if (*path == '$') {
int j = 0; int j;
path++; path++;
/* expand $(HOME) or $HOME style environment variables */ /* expand $(HOME) or $HOME style environment variables */
if (*path == '(') { if (*path == '(') {
path++; path++;
j = 0;
while (*path != 0 && *path != ')') { while (*path != 0 && *path != ')') {
if (j > PATH_MAX) if (j > PATH_MAX)
goto error; goto error;
buffer2[j++] = *(path++); buffer2[j++] = *(path++);
buffer2[j] = 0;
} }
buffer2[j] = 0;
if (*path == ')') { if (*path == ')') {
path++; path++;
tmp = getenv(buffer2); tmp = getenv(buffer2);
@@ -173,12 +175,13 @@ char *wexpandpath(const char *path)
goto error; goto error;
} }
} else { } else {
j = 0;
while (*path != 0 && *path != '/') { while (*path != 0 && *path != '/') {
if (j > PATH_MAX) if (j > PATH_MAX)
goto error; goto error;
buffer2[j++] = *(path++); buffer2[j++] = *(path++);
buffer2[j] = 0;
} }
buffer2[j] = 0;
tmp = getenv(buffer2); tmp = getenv(buffer2);
if (!tmp) { if (!tmp) {
if ((i += strlen(buffer2) + 1) > PATH_MAX || if ((i += strlen(buffer2) + 1) > PATH_MAX ||