This is the mail archive of the
gdb-patches@sourceware.org
mailing list for the GDB project.
Re: [patch] [trivial] fix NULL deref
- From: Daniel Jacobowitz <dan at codesourcery dot com>
- To: Ali Lakhia <lakhia at alumni dot utexas dot net>
- Cc: gdb-patches at sourceware dot org
- Date: Thu, 16 Sep 2010 13:51:25 -0400
- Subject: Re: [patch] [trivial] fix NULL deref
- References: <AANLkTikJnzZjGd0LsBMm2TifpkAjvjJ+qDRkQ-qmz9dx@mail.gmail.com>
On Thu, Sep 16, 2010 at 10:26:27AM -0700, Ali Lakhia wrote:
> Please see patch to fix NULL dereference in strchr() function. Thanks.
Interesting. How did you find this problem? I don't think this
function can ever be called.
>
> -Ali
>
> --- gdb-7.1/gdb/fork-child.c 2009-12-31 23:31:31.000000000 -0800
> +++ gdb-7.1/gdb/fork-child.c 2010-09-16 10:17:25.000000000 -0700
> @@ -52,7 +52,7 @@
> static void
> breakup_args (char *scratch, char **argv)
> {
> - char *cp = scratch;
> + char *cp = scratch, *tmp;
>
> for (;;)
> {
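Review bot: `tmp` in the changed declaration is given function scope and a generic name, although in the lines shown it only holds the result of the separator search inside the `for (;;)` body. Declaring it at the top of that loop block, with a name such as `sep`, would keep its scope tight and make its role clear next to `cp`.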
> @@ -68,15 +68,16 @@
> *argv++ = cp;
>
> /* Scan for next arg separator. */
> - cp = strchr (cp, ' ');
> - if (cp == NULL)
> - cp = strchr (cp, '\t');
> - if (cp == NULL)
> - cp = strchr (cp, '\n');
> + tmp = strchr (cp, ' ');
> + if (tmp == NULL)
> + tmp = strchr (cp, '\t');
> + if (tmp == NULL)
> + tmp = strchr (cp, '\n');
>
> /* No separators => end of string => break. */
> - if (cp == NULL)
> + if (tmp == NULL)
> break;
> + cp = tmp;
>
> /* Replace the separator with a terminator. */
> *cp++ = '\0';
>
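Review bot: In the "Scan for next arg separator" block, the chained `strchr` calls still prefer a space anywhere in the remaining string over a tab or newline that comes earlier, so an input like "a\tb c" is split after `b` rather than after `a`. A single `tmp = strpbrk (cp, " \t\n");` returns the nearest of the three separators, or NULL when there is none, which removes both fallback `if` statements and leaves no call that could receive a NULL first argument. The `cp = tmp;` assignment after the `break` check can stay as it is.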
--
Daniel Jacobowitz
CodeSourcery