Patchwork [1/8] mount avoid one-byte overrun

login
register
mail settings
Submitter Jim Meyering
Date Nov. 30, 2011, 8:51 p.m.
Message ID <1322686298-14634-2-git-send-email-jim@meyering.net>
Download mbox | patch
Permalink /patch/128576/
State Superseded
Headers show

Comments

Jim Meyering - Nov. 30, 2011, 8:51 p.m.
From: Jim Meyering <meyering@redhat.com>

* src/mount/main.c (try_mount): Correct off-by-two under-allocation.
Rather than allocating space for strlen(S)+1, it allocates space
for strlen(S+1), which is shorter by two.  Spotted by coverity.
---
 src/mount/main.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
Jim Meyering - Nov. 30, 2011, 9:03 p.m.
> * src/mount/main.c (try_mount): Correct off-by-two under-allocation.
> Rather than allocating space for strlen(S)+1, it allocates space
> for strlen(S+1), which is shorter by two.  Spotted by coverity.

The one-line summary (Subject:) is inaccurate, as you can see in
the log message.  Here's a better one:

    mount: avoid two-byte overrun

Patch

diff --git a/src/mount/main.c b/src/mount/main.c
index f76f355..b49d152 100644
--- a/src/mount/main.c
+++ b/src/mount/main.c
@@ -384,7 +384,7 @@  try_mount(const char *source, const char *target, const char *text_options)
 	} else {
 		char *tmp;

-		tmp = malloc(strlen(remaining + 1));
+		tmp = malloc(strlen(remaining) + 1);
 		if (tmp == NULL) {
 			fprintf(stderr, _("%s: No memory\n"), progname);
 			remaining = NULL;