[Openais] [PATCH] don't let a NUL input byte cause memory corruption (line[-1] = 0; )

Jan Friesse jfriesse at redhat.com
Thu Jun 4 00:44:45 PDT 2009


Jim,
ACK from me, but only amfutil does make sense. We will throw away
openaisparser and replace it by coroparse, which doesn't have this
problem, it's able to handle EOLs like \r, \n, \r\n, and handle lines
without newline. At least I hope this is still plan, before 1.0.

Regards,
  Honza

Jim Meyering wrote:
> From b922eca944bc5d4104521404ff54d985d65e895f Mon Sep 17 00:00:00 2001
> From: Jim Meyering <meyering at redhat.com>
> Date: Wed, 3 Jun 2009 20:15:56 +0200
> Subject: [PATCH] don't let a NUL input byte cause memory corruption (line[-1] = 0;)
> 
> * services/openaisparser.c (parse_section): Handle the case in which
> the first byte on a "line" is the NUL byte.
> * services/amfutil.c (amf_config_read): Likewise.
> ---
>  services/amfutil.c       |    6 ++++--
>  services/openaisparser.c |    6 ++++--
>  2 files changed, 8 insertions(+), 4 deletions(-)
> 
> diff --git a/services/amfutil.c b/services/amfutil.c
> index 9c899f9..8ebadad 100644
> --- a/services/amfutil.c
> +++ b/services/amfutil.c
> @@ -10,7 +10,7 @@
>   * - Refactoring of code into several AMF files
>   * - Serializers/deserializers
>   *
> - * Copyright (c) 2007-2008 Red Hat, Inc.
> + * Copyright (c) 2007-2009 Red Hat, Inc.
>   *
>   * All rights reserved.
>   *
> @@ -325,7 +325,9 @@ struct amf_cluster *amf_config_read (char **error_string)
>  	while (fgets (buf, 255, fp)) {
>  		line_number += 1;
>  		line = buf;
> -		line[strlen(line) - 1] = '\0';
> +		if (strlen(line) > 0) {
> +			line[strlen(line) - 1] = '\0';
> +		}
>  		/*
>  		 * Clear out comments and empty lines
>  		 */
> diff --git a/services/openaisparser.c b/services/openaisparser.c
> index 7226f1b..50a638e 100644
> --- a/services/openaisparser.c
> +++ b/services/openaisparser.c
> @@ -1,5 +1,5 @@
>  /*
> - * Copyright (c) 2006 Red Hat, Inc.
> + * Copyright (c) 2006, 2009 Red Hat, Inc.
>   *
>   * All rights reserved.
>   *
> @@ -117,7 +117,9 @@ static int parse_section(FILE *fp,
>  	char *loc;
> 
>  	while (fgets (line, 255, fp)) {
> -		line[strlen(line) - 1] = '\0';
> +		if (strlen(line) > 0) {
> +			line[strlen(line) - 1] = '\0';
> +		}
>  		/*
>  		 * Clear out white space and tabs
>  		 */
> --
> 1.6.3.1.333.g3ebba7
> _______________________________________________
> Openais mailing list
> Openais at lists.linux-foundation.org
> https://lists.linux-foundation.org/mailman/listinfo/openais



More information about the Openais mailing list