PlaneteCasio
/
libc
1
0
Fork 0
Code Issues 6 Pull Requests Releases Wiki Activity

strace: Fix Coverity issues 

CID 66964: Don't trust environment variable without length check
CID 66968: Add missing va_end

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This commit is contained in:
Corinna Vinschen 2016-10-23 16:38:48 +02:00
parent 9807a501b1
commit 5e087a8373
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
winsup/utils/strace.cc
View File

@ -88,6 +88,7 @@ warn (int geterrno, const char *fmt, ...)
fputs (buf, stderr);
fputs ("\n", stderr);
}
va_end (args);
}
static void __attribute__ ((noreturn))
@ -351,13 +352,16 @@ create_child (char **argv)
make_command_line (one_line, argv);
SetConsoleCtrlHandler (NULL, 0);
const char *cygwin_env = getenv ("CYGWIN");
const char *space;
if (cygwin_env)
if (cygwin_env && strlen (cygwin_env) <= 256) /* sanity check */
space = " ";
else
space = cygwin_env = "";
char *newenv = (char *) malloc (sizeof ("CYGWIN=noglob") + strlen (space) + strlen (cygwin_env));
char *newenv = (char *) malloc (sizeof ("CYGWIN=noglob")
+ strlen (space) + strlen (cygwin_env));
sprintf (newenv, "CYGWIN=noglob%s%s", space, cygwin_env);
_putenv (newenv);
ret = CreateProcess (0, one_line.buf, /* command line */