Patchwork [15/15] libnsdb: Fix memory allocation and access bugs in nsdb_normalize_path()

login
register
mail settings
Submitter Chuck Lever
Date Oct. 25, 2011, 4:50 p.m.
Message ID <20111025165036.18584.16227.stgit@seurat.1015granger.net>
Download mbox | patch
Permalink /patch/121756/
State Accepted
Headers show

Comments

Chuck Lever - Oct. 25, 2011, 4:50 p.m.
The malloc(3) call in nsdb_normalize_path() neglected to allocate
space for the NUL on the end of the string.

As a minor optimization, we don't need to perform the strlen(3) at the
end of the function to compute the length of the result.  We already
have that value in j.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
---

 src/libpath/path.c |    7 +++----
 1 files changed, 3 insertions(+), 4 deletions(-)

Patch

diff --git a/src/libpath/path.c b/src/libpath/path.c
index 0f7a621..91c648c 100644
--- a/src/libpath/path.c
+++ b/src/libpath/path.c
@@ -83,7 +83,7 @@  nsdb_normalize_path(const char *pathname)
 		return NULL;
 	}
 
-	result = malloc(len);
+	result = malloc(len + 1);
 	if (result == NULL) {
 		xlog(L_ERROR, "%s: Failed to allocate pathname buffer",
 			__func__);
@@ -97,9 +97,8 @@  nsdb_normalize_path(const char *pathname)
 	}
 	result[j] = '\0';
 
-	len = strlen(result);
-	if (len > 1 && result[len - 1] == '/')
-		result[len - 1] = '\0';
+	if (j > 1 && result[j - 1] == '/')
+		result[j - 1] = '\0';
 
 	xlog(D_CALL, "%s: result = '%s'", __func__, result);
 	return result;