git://git.openafs.org / openafs.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch (parent: 3c56444)
readpwd: Make sure user supplies a passwdfile
authorSimon Wilkinson <sxw@your-file-system.com>
Sat, 2 Mar 2013 11:44:02 +0000 (11:44 +0000)
committerJeffrey Altman <jaltman@your-file-system.com>
Thu, 7 Mar 2013 16:08:16 +0000 (08:08 -0800)
If the user supplies enough command line arguments, but doesn't
provide a passwdfile, then we can end up trying to open whatever
garbage is on the stack.

Once we've finished parsing the command line arguments, make sure
that a filename was supplied.

Caught by coverity (#986009)

Change-Id: Ice2fca16458a90d73ae6b5fadb0efa22ed0b185a
Reviewed-on: http://gerrit.openafs.org/9441
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

src/ptserver/readpwd.c patch | blob | history

diff --git a/src/ptserver/readpwd.c b/src/ptserver/readpwd.c
index e0c5c28..8874fc5 100644 (file)
--- a/src/ptserver/readpwd.c
+++ b/src/ptserver/readpwd.c
@@ -55,6 +55,8 @@ main(afs_int32 argc, char **argv)
     afs_int32 verbose = 0;
     char *cellname = NULL;
 
+    buf[0] = '\0';
+
     if (argc < 2) {
        fprintf(stderr, "Usage: readpwd [-v] [-c cellname] passwdfile.\n");
        exit(1);
@@ -71,6 +73,12 @@ main(afs_int32 argc, char **argv)
                strncpy(buf, argv[i], 150);
        }
     }
+
+    if (buf[0] == '\0') {
+       fprintf(stderr, "Usage: readpwd [-v] [-c cellname] passwdfile.\n");
+       exit(1);
+    }
+
     code = pr_Initialize(2, AFSDIR_CLIENT_ETC_DIRPATH, cellname);
     if (cellname)
        free(cellname);
OpenAFS Master Repository