[fedfs-utils] [PATCH 3/9] mount: avoid two-byte heap write overrun
Chuck Lever
chuck.lever at oracle.com
Mon Dec 5 09:23:29 PST 2011
From: Jim Meyering <meyering at redhat.com>
* src/mount/main.c (try_mount): Correct off-by-two under-allocation.
Rather than allocating space for strlen(S)+1, it allocates space
for strlen(S+1), which is shorter by two. Spotted by coverity.
Introduced by commit bfe6aa7f: "mount.fedfs: Overhaul mount.fedfs
CLI," (April 1, 2011).
Signed-off-by: Jim Meyering <meyering at redhat.com>
---
src/mount/main.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/mount/main.c b/src/mount/main.c
index f76f355..b49d152 100644
--- a/src/mount/main.c
+++ b/src/mount/main.c
@@ -384,7 +384,7 @@ try_mount(const char *source, const char *target, const char *text_options)
} else {
char *tmp;
- tmp = malloc(strlen(remaining + 1));
+ tmp = malloc(strlen(remaining) + 1);
if (tmp == NULL) {
fprintf(stderr, _("%s: No memory\n"), progname);
remaining = NULL;
More information about the fedfs-utils-devel
mailing list