Explicitly NUL terminate the buffer filled by fread().
The fix in r300649 was not sufficient to convince Coverity that the buffer was NUL terminated, even with the buffer pre-zeroed. Swap the size and nmemb arguments to fread() so that a valid lenght is returned, which we can use to terminate the string in the buffer at the correct location. This should also quiet the complaint about the return value of fread() not being checked. Reported by: Coverity CID: 1019054, 1009614 MFC after: 1 week
This commit is contained in:
truckman
parent
ef4ada7b76
commit
7f608aeba9
@ -43,13 +43,12 @@ acl_t
|
||||
get_acl_from_file(const char *filename)
|
||||
{
|
||||
FILE *file;
|
||||
size_t len;
|
||||
char buf[BUFSIZ+1];
|
||||
|
||||
if (filename == NULL)
|
||||
err(1, "(null) filename in get_acl_from_file()");
|
||||
|
||||
bzero(&buf, sizeof(buf));
|
||||
|
||||
if (strcmp(filename, "-") == 0) {
|
||||
if (have_stdin != 0)
|
||||
err(1, "cannot specify more than one stdin");
|
||||
@ -61,7 +60,8 @@ get_acl_from_file(const char *filename)
|
||||
err(1, "fopen() %s failed", filename);
|
||||
}
|
||||
|
||||
fread(buf, sizeof(buf) - 1, (size_t)1, file);
|
||||
len = fread(buf, (size_t)1, sizeof(buf) - 1, file);
|
||||
buf[len] = '\0';
|
||||
if (ferror(file) != 0) {
|
||||
fclose(file);
|
||||
err(1, "error reading from %s", filename);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user