mirror of
https://sourceware.org/git/glibc.git
synced 2024-12-23 03:10:05 +00:00
glob: pacify fuzzer for mempcpy
Problem reported by Tim Rühsen [1]. Sync with gnulib 0e14f025d2. [1] https://lists.gnu.org/archive/html/bug-gnulib/2017-10/msg00054.html Checked on x86_64-linux-gnu. * lib/glob.c (glob): Do not pass NULL to mempcpy. Signed-off-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
This commit is contained in:
parent
6f58c10ded
commit
d711a00f93
@ -1,3 +1,7 @@
|
||||
2017-12-19 Adhemerval Zanella <adhemerval.zanella@linaro.org>
|
||||
|
||||
* lib/glob.c (glob): Do not pass NULL to mempcpy.
|
||||
|
||||
2017-12-19 Joseph Myers <joseph@codesourcery.com>
|
||||
|
||||
* sysdeps/x86_64/fpu/libm-test-ulps: Update.
|
||||
|
@ -826,6 +826,7 @@ __glob (const char *pattern, int flags, int (*errfunc) (const char *, int),
|
||||
{
|
||||
size_t home_len = strlen (p->pw_dir);
|
||||
size_t rest_len = end_name == NULL ? 0 : strlen (end_name);
|
||||
char *d;
|
||||
|
||||
if (__glibc_unlikely (malloc_dirname))
|
||||
free (dirname);
|
||||
@ -845,8 +846,10 @@ __glob (const char *pattern, int flags, int (*errfunc) (const char *, int),
|
||||
}
|
||||
malloc_dirname = 1;
|
||||
}
|
||||
*((char *) mempcpy (mempcpy (dirname, p->pw_dir, home_len),
|
||||
end_name, rest_len)) = '\0';
|
||||
d = mempcpy (dirname, p->pw_dir, home_len);
|
||||
if (end_name != NULL)
|
||||
d = mempcpy (d, end_name, rest_len);
|
||||
*d = '\0';
|
||||
|
||||
dirlen = home_len + rest_len;
|
||||
dirname_modified = 1;
|
||||
|
Loading…
Reference in New Issue
Block a user