From e6f6d9c519221651f0f5da97c8608eee1804520d Mon Sep 17 00:00:00 2001 From: peter Date: Thu, 24 Jul 2003 00:04:01 +0000 Subject: Fix an annoying bug in tar. When it converted 'tar zcf' to 'tar -z -c -f' it forgot to null terminate the new argv[] array. If you mixed this with $TAR_OPTIONS, phkmalloc and a whole bunch of other variables, you could end up with a segfault. This isn't strictly a phkmalloc victory since tar walks off the end of an array rather than use uninitialized malloc memory, but phkmalloc makes it easier to provoke. --- contrib/tar/src/tar.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'contrib/tar/src') diff --git a/contrib/tar/src/tar.c b/contrib/tar/src/tar.c index ab8ca20..7d872fa 100644 --- a/contrib/tar/src/tar.c +++ b/contrib/tar/src/tar.c @@ -549,7 +549,7 @@ decode_options (int argc, char **argv) /* Allocate a new argument array, and copy program name in it. */ new_argc = argc - 1 + strlen (argv[1]); - new_argv = xmalloc (new_argc * sizeof (char *)); + new_argv = xmalloc ((new_argc + 1) * sizeof (char *)); in = argv; out = new_argv; *out++ = *in++; @@ -577,6 +577,9 @@ decode_options (int argc, char **argv) while (in < argv + argc) *out++ = *in++; + /* And NULL terminate the argv[] array */ + *out++ = NULL; + /* Replace the old option list by the new one. */ argc = new_argc; -- cgit v1.1