If the user supplies enough command line arguments, but doesn't
provide a passwdfile, then we can end up trying to open whatever
garbage is on the stack.
Once we've finished parsing the command line arguments, make sure
that a filename was supplied.
Caught by coverity (#986009)
Change-Id: Ice2fca16458a90d73ae6b5fadb0efa22ed0b185a
Reviewed-on: http://gerrit.openafs.org/9441
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
afs_int32 verbose = 0;
char *cellname = NULL;
+ buf[0] = '\0';
+
if (argc < 2) {
fprintf(stderr, "Usage: readpwd [-v] [-c cellname] passwdfile.\n");
exit(1);
strncpy(buf, argv[i], 150);
}
}
+
+ if (buf[0] == '\0') {
+ fprintf(stderr, "Usage: readpwd [-v] [-c cellname] passwdfile.\n");
+ exit(1);
+ }
+
code = pr_Initialize(2, AFSDIR_CLIENT_ETC_DIRPATH, cellname);
if (cellname)
free(cellname);