bug-findutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug #59133] strdup without error handling in print.c:do_fprintf()

From: FB
Subject: [bug #59133] strdup without error handling in print.c:do_fprintf()
Date: Fri, 18 Sep 2020 15:07:34 -0400 (EDT)
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36 
URL:
  <https://savannah.gnu.org/bugs/?59133>

                 Summary: strdup without error handling in
print.c:do_fprintf()
                 Project: findutils
            Submitted by: x251
            Submitted on: Fri 18 Sep 2020 07:07:33 PM UTC
                Category: find
                Severity: 3 - Normal
              Item Group: None
                  Status: None
                 Privacy: Public
             Assigned to: None
         Originator Name: 
        Originator Email: 
             Open/Closed: Open
                 Release: 4.7.0
         Discussion Lock: Any
           Fixed Release: None

    _______________________________________________________

Details:

strdup() is called and the resulting pointer is dereferenced without NULL
check:


        case 'h':               /* leading directories part of path */
          /* sanitised */
          {
            char *pname = strdup (pathname);

            /* Remove trailing slashes - unless it's the root '/' directory. 
*/
            char *s = pname + strlen (pname) -1;
            for ( ; pname <= s; s--)


(Reported by Infer)




    _______________________________________________________

Reply to this item at:

  <https://savannah.gnu.org/bugs/?59133>

_______________________________________________
  Message sent via Savannah
  https://savannah.gnu.org/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]