dumptool: Remove newlines safely
authorSimon Wilkinson <sxw@your-file-system.com>
Thu, 28 Feb 2013 12:15:29 +0000 (12:15 +0000)
committerJeffrey Altman <jaltman@your-file-system.com>
Fri, 1 Mar 2013 00:17:06 +0000 (16:17 -0800)
The code currently does

   fgets(cmdbuf, ... );
   cmdbuf[strlen(cmdbuf - 1)] = '\0';

in order to remove new lines from cmdbuf. Coverity thinks there's
a danger of strlen(cmdbuf) being 0, and thus the strlen being negative.
That shouldn't happen, but if fgets hits EOF midway through a line, we
might get a string that doesn't have a trailing '\n', and end up
removing the wrong character. Tidy this up by checking that the string
isn't 0 length, and that the character we're zapping is a newline.

Caught by coverity (#985430)

Change-Id: I8dae925debdc2473a6a51db021ce843e957a1557
Reviewed-on: http://gerrit.openafs.org/9310
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

src/tools/dumpscan/dumptool.c

index a8c05a0..be8d575 100644 (file)
@@ -1224,7 +1224,8 @@ InteractiveRestore(FILE * f, VolumeDiskData * vol)
     printf("> ");
     while (fgets(cmdbuf, CMDBUFSIZE, stdin)) {
 
-       cmdbuf[strlen(cmdbuf) - 1] = '\0';
+       if (strlen(cmdbuf) > 0 && cmdbuf[strlen(cmdbuf) - 1] == '\n')
+           cmdbuf[strlen(cmdbuf) - 1] = '\0';
 
        if (strlen(cmdbuf) == 0) {
            printf("> ");