nfs_clvfsops: Prevent strdup of stack garbage with bogus mount specs

If strlen(hostp) was zero, the stack array 'nam' would never be initialized before being strdup()ed. Fix this by initializing it to the empty string. It's possible some external condition makes this case impossible, in which case, an assertion instead of this workaround is appropriate. Introduced in r299848. Reported by: Coverity CID: 1355336 Sponsored by: EMC / Isilon Storage Division
2016-06-07 20:00:20 +00:00 · 2016-06-07 20:00:20 +00:00 · 15634fd60c
commit 15634fd60c
parent 16fb86ab35
1 changed files with 2 additions and 1 deletions
--- a/sys/fs/nfsclient/nfs_clvfsops.c
+++ b/sys/fs/nfsclient/nfs_clvfsops.c
@ -806,7 +806,8 @@ nfs_mount_parse_from(struct vfsoptlist *opts, char **hostnamep,
 		nam[len + offset++] = ':';
 		memmove(nam + len + offset, spec, speclen);
 		nam[len + speclen + offset] = '\0';
-	}
+	} else
+		nam[0] = '\0';

 	/*
 	 * XXX: IPv6