[PATCH:xdm] Ensure fgets read at least one byte before modifying string
Alan Coopersmith
alan.coopersmith at oracle.com
Sun Oct 20 03:06:17 CEST 2013
If a file has a \0 byte (binary file, strange encoding, corruption),
fgets() can return a string starting with a \0 byte - check for that
before checking to see if the byte before the \0 is a \n, so we don't
reach back before the start of our memory buffer.
Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com>
---
xdm/dm.c | 11 ++++++-----
xdm/session.c | 2 ++
2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/xdm/dm.c b/xdm/dm.c
index 90543c1..603cc63 100644
--- a/xdm/dm.c
+++ b/xdm/dm.c
@@ -295,7 +295,6 @@ static void
ScanServers (void)
{
char lineBuf[10240];
- int len;
FILE *serversFile;
struct stat statb;
static DisplayType acceptableTypes[] =
@@ -320,10 +319,12 @@ ScanServers (void)
}
while (fgets (lineBuf, sizeof (lineBuf)-1, serversFile))
{
- len = strlen (lineBuf);
- if (lineBuf[len-1] == '\n')
- lineBuf[len-1] = '\0';
- ParseDisplay (lineBuf, acceptableTypes, NumTypes);
+ size_t len = strlen (lineBuf);
+ if (len > 0) {
+ if (lineBuf[len-1] == '\n')
+ lineBuf[len-1] = '\0';
+ ParseDisplay (lineBuf, acceptableTypes, NumTypes);
+ }
}
fclose (serversFile);
}
diff --git a/xdm/session.c b/xdm/session.c
index 84c58d7..eff9c74 100644
--- a/xdm/session.c
+++ b/xdm/session.c
@@ -969,6 +969,8 @@ execute (char **argv, char **environ)
return;
}
fclose (f);
+ if (program[0] == '\0')
+ return;
e = program + strlen (program) - 1;
if (*e == '\n')
*e = '\0';
--
1.7.9.2
More information about the xorg-devel
mailing list