From: Simon Wilkinson <sxw@your-file-system.com>
Date: Thu, 28 Feb 2013 12:15:29 +0000 (+0000)
Subject: dumptool: Remove newlines safely
X-Git-Tag: upstream/1.8.0_pre1^2~1384
X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=8f51502e5f45a43fba130d260813716be894d51e;p=packages%2Fo%2Fopenafs.git

dumptool: Remove newlines safely

The code currently does

   fgets(cmdbuf, ... );
   cmdbuf[strlen(cmdbuf - 1)] = '\0';

in order to remove new lines from cmdbuf. Coverity thinks there's
a danger of strlen(cmdbuf) being 0, and thus the strlen being negative.
That shouldn't happen, but if fgets hits EOF midway through a line, we
might get a string that doesn't have a trailing '\n', and end up
removing the wrong character. Tidy this up by checking that the string
isn't 0 length, and that the character we're zapping is a newline.

Caught by coverity (#985430)

Change-Id: I8dae925debdc2473a6a51db021ce843e957a1557
Reviewed-on: http://gerrit.openafs.org/9310
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
---

diff --git a/src/tools/dumpscan/dumptool.c b/src/tools/dumpscan/dumptool.c
index a8c05a051..be8d5750a 100644
--- a/src/tools/dumpscan/dumptool.c
+++ b/src/tools/dumpscan/dumptool.c
@@ -1224,7 +1224,8 @@ InteractiveRestore(FILE * f, VolumeDiskData * vol)
     printf("> ");
     while (fgets(cmdbuf, CMDBUFSIZE, stdin)) {
 
-	cmdbuf[strlen(cmdbuf) - 1] = '\0';
+	if (strlen(cmdbuf) > 0 && cmdbuf[strlen(cmdbuf) - 1] == '\n')
+	    cmdbuf[strlen(cmdbuf) - 1] = '\0';
 
 	if (strlen(cmdbuf) == 0) {
 	    printf("> ");