Fix an annoying bug in tar. When it converted 'tar zcf' to 'tar -z -c -f'
it forgot to null terminate the new argv[] array. If you mixed this with $TAR_OPTIONS, phkmalloc and a whole bunch of other variables, you could end up with a segfault. This isn't strictly a phkmalloc victory since tar walks off the end of an array rather than use uninitialized malloc memory, but phkmalloc makes it easier to provoke.
This commit is contained in:
parent
fc3a3ee720
commit
022effcc3e
@ -549,7 +549,7 @@ decode_options (int argc, char **argv)
|
||||
/* Allocate a new argument array, and copy program name in it. */
|
||||
|
||||
new_argc = argc - 1 + strlen (argv[1]);
|
||||
new_argv = xmalloc (new_argc * sizeof (char *));
|
||||
new_argv = xmalloc ((new_argc + 1) * sizeof (char *));
|
||||
in = argv;
|
||||
out = new_argv;
|
||||
*out++ = *in++;
|
||||
@ -577,6 +577,9 @@ decode_options (int argc, char **argv)
|
||||
while (in < argv + argc)
|
||||
*out++ = *in++;
|
||||
|
||||
/* And NULL terminate the argv[] array */
|
||||
*out++ = NULL;
|
||||
|
||||
/* Replace the old option list by the new one. */
|
||||
|
||||
argc = new_argc;
|
||||
|
Loading…
Reference in New Issue
Block a user