From patchwork Thu Dec 1 15:58:18 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jim Meyering X-Patchwork-Id: 128713 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from acsinet15.oracle.com (acsinet15.oracle.com [141.146.126.227]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "acsinet15.oracle.com", Issuer "VeriSign Class 3 International Server CA - G3" (verified OK)) by ozlabs.org (Postfix) with ESMTPS id 0CD7AB6F80 for ; Fri, 2 Dec 2011 02:58:47 +1100 (EST) Received: from ucsinet22.oracle.com (ucsinet22.oracle.com [156.151.31.94]) by acsinet15.oracle.com (Switch-3.4.4/Switch-3.4.4) with ESMTP id pB1Fwg3f004274 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 1 Dec 2011 15:58:43 GMT Received: from oss.oracle.com (oss.oracle.com [141.146.12.120]) by ucsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id pB1Fwfgp004291 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 1 Dec 2011 15:58:41 GMT Received: from localhost ([127.0.0.1] helo=oss.oracle.com) by oss.oracle.com with esmtp (Exim 4.63) (envelope-from ) id 1RW91w-0006JM-5m; Thu, 01 Dec 2011 07:58:36 -0800 Received: from rcsinet13.oracle.com ([148.87.113.125]) by oss.oracle.com with esmtp (Exim 4.63) (envelope-from ) id 1RW91t-0006Hy-8q for fedfs-utils-devel@oss.oracle.com; Thu, 01 Dec 2011 07:58:33 -0800 Received: from mx.meyering.net (mx.meyering.net [88.168.87.75]) by rcsinet13.oracle.com (Sentrion-MTA-4.2.0/Sentrion-MTA-4.2.0) with ESMTP id pB1FwVAE012735 for ; Thu, 1 Dec 2011 15:58:32 GMT Received: by rho.meyering.net (Acme Bit-Twister, from userid 1000) id 4E5886006E; Thu, 1 Dec 2011 16:58:30 +0100 (CET) From: Jim Meyering To: fedfs-utils-devel@oss.oracle.com Date: Thu, 1 Dec 2011 16:58:18 +0100 Message-Id: <1322755106-8171-2-git-send-email-jim@meyering.net> X-Mailer: git-send-email 1.7.7.3 In-Reply-To: <1322755106-8171-1-git-send-email-jim@meyering.net> References: <1322755106-8171-1-git-send-email-jim@meyering.net> Subject: [fedfs-utils] [PATCH 1/9] mount: avoid two-byte heap write overrun X-BeenThere: fedfs-utils-devel@oss.oracle.com X-Mailman-Version: 2.1.9 Precedence: list Reply-To: fedfs-utils Developers List-Id: fedfs-utils Developers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: fedfs-utils-devel-bounces@oss.oracle.com Errors-To: fedfs-utils-devel-bounces@oss.oracle.com X-Source-IP: ucsinet22.oracle.com [156.151.31.94] X-CT-RefId: str=0001.0A090205.4ED7A433.00BA:SCFSTAT3865452, ss=1, re=-4.000, fgs=0 From: Jim Meyering * src/mount/main.c (try_mount): Correct off-by-two under-allocation. Rather than allocating space for strlen(S)+1, it allocates space for strlen(S+1), which is shorter by two. Spotted by coverity. Signed-off-by: Jim Meyering --- src/mount/main.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/mount/main.c b/src/mount/main.c index f76f355..b49d152 100644 --- a/src/mount/main.c +++ b/src/mount/main.c @@ -384,7 +384,7 @@ try_mount(const char *source, const char *target, const char *text_options) } else { char *tmp; - tmp = malloc(strlen(remaining + 1)); + tmp = malloc(strlen(remaining) + 1); if (tmp == NULL) { fprintf(stderr, _("%s: No memory\n"), progname); remaining = NULL;