Xin LI c1c4677aec When reading in the original file name from gzip header, we read
in PATH_MAX + 1 bytes from the file.  In r281500, strrchr() is
used to strip possible path portion of the file name to mitigate
a possible attack.  Unfortunately, strrchr() expects a buffer
that is NUL-terminated, and since we are processing potentially
untrusted data, we can not assert that be always true.

Solve this by reading in one less byte (now PATH_MAX) and
explicitly terminate the buffer after the read size with NUL.

Reported by:	Coverity
CID:		1264915
X-MFC-with:	281500
MFC after:	13 days
2015-04-15 00:07:21 +00:00
..
2015-04-13 19:46:30 +00:00
2014-11-25 14:29:10 +00:00
2011-10-16 07:35:26 +00:00
2014-10-23 01:22:29 +00:00
2014-10-23 01:22:29 +00:00
2014-06-26 00:31:58 +00:00