* cpio.c (cpio_create_entry): Fix possible buffer underflow

and memory leak.
This commit is contained in:
Pavel Roskin 2003-11-12 17:10:48 +00:00
parent 90ec22ad39
commit d2e2f5c544
2 changed files with 8 additions and 2 deletions

View File

@ -1,3 +1,8 @@
2003-11-12 Andrew V. Samoilov <sav@bcs.zp.ua>
* cpio.c (cpio_create_entry): Fix possible buffer underflow
and memory leak.
2003-11-08 Pavel Roskin <proski@gnu.org> 2003-11-08 Pavel Roskin <proski@gnu.org>
* gc.c: Make getid(), nothingisopen() and free() methods * gc.c: Make getid(), nothingisopen() and free() methods

View File

@ -436,8 +436,8 @@ cpio_create_entry (struct vfs_class *me, struct vfs_s_super *super,
} }
} }
while (name[strlen (name) - 1] == PATH_SEP) for (tn = name + strlen (name) - 1; tn >= name && *tn == PATH_SEP; tn--)
name[strlen (name) - 1] = 0; *tn = 0;
if ((tn = strrchr (name, PATH_SEP))) { if ((tn = strrchr (name, PATH_SEP))) {
*tn = 0; *tn = 0;
root = vfs_s_find_inode (me, super, name, LINK_FOLLOW, FL_MKDIR); root = vfs_s_find_inode (me, super, name, LINK_FOLLOW, FL_MKDIR);
@ -491,6 +491,7 @@ cpio_create_entry (struct vfs_class *me, struct vfs_s_super *super,
if (mc_read (super->u.arch.fd, inode->linkname, stat->st_size) if (mc_read (super->u.arch.fd, inode->linkname, stat->st_size)
< stat->st_size) { < stat->st_size) {
inode->linkname[0] = 0; inode->linkname[0] = 0;
g_free (name);
return STATUS_EOF; return STATUS_EOF;
} }
inode->linkname[stat->st_size] = 0; /* Linkname stored without terminating \0 !!! */ inode->linkname[stat->st_size] = 0; /* Linkname stored without terminating \0 !!! */