The code currently does
fgets(cmdbuf, ... );
cmdbuf[strlen(cmdbuf - 1)] = '\0';
in order to remove new lines from cmdbuf. Coverity thinks there's
a danger of strlen(cmdbuf) being 0, and thus the strlen being negative.
That shouldn't happen, but if fgets hits EOF midway through a line, we
might get a string that doesn't have a trailing '\n', and end up
removing the wrong character. Tidy this up by checking that the string
isn't 0 length, and that the character we're zapping is a newline.
Caught by coverity (#985430)
Change-Id: I8dae925debdc2473a6a51db021ce843e957a1557
Reviewed-on: http://gerrit.openafs.org/9310
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
printf("> ");
while (fgets(cmdbuf, CMDBUFSIZE, stdin)) {
- cmdbuf[strlen(cmdbuf) - 1] = '\0';
+ if (strlen(cmdbuf) > 0 && cmdbuf[strlen(cmdbuf) - 1] == '\n')
+ cmdbuf[strlen(cmdbuf) - 1] = '\0';
if (strlen(cmdbuf) == 0) {
printf("> ");