Am 21.03.2017 17:44, schrieb Colin King:
> From: Colin Ian King <colin.king@xxxxxxxxxxxxx>
>
> The allocation of dname is short by 1 byte, so increase the allocation
> size.
>
> Detected with CoverityScan, CID#711628 ("Out-of-bounds-access (OVERRUN)")
>
> Signed-off-by: Colin Ian King <colin.king@xxxxxxxxxxxxx>
> ---
> usr/gen_init_cpio.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/usr/gen_init_cpio.c b/usr/gen_init_cpio.c
> index 225ad244cf88..981682f4faea 100644
> --- a/usr/gen_init_cpio.c
> +++ b/usr/gen_init_cpio.c
> @@ -418,7 +418,7 @@ static int cpio_mkfile_line(const char *line)
> int len;
> int nend;
>
> - dname = malloc(strlen(line));
> + dname = malloc(strlen(line) + 1);
> if (!dname) {
> fprintf (stderr, "out of memory (%d)\n", dname_len);
> goto fail;
this is a case for strdup()
re,
wh
--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
