From 0328eb91a46840bf5020a7f627aa5664a2948621 Mon Sep 17 00:00:00 2001 From: =?utf-8?q?Ra=C3=BAl=20S=C3=A1nchez=20Siles?= Date: Tue, 4 Aug 2009 14:17:12 -0700 Subject: [PATCH] Avoid undefined behavior of passing NULL to strcmp Having a blank line in the file passed to the -T option will cause an entry in the argv array to be NULL. To avoid invoking undefined behavior, we take care not to pass these NULL values to strcmp. --- debian/changelog | 4 +++- lib/getopt.c | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/debian/changelog b/debian/changelog index 1e26c81..3238ff3 100644 --- a/debian/changelog +++ b/debian/changelog @@ -7,8 +7,10 @@ tar (1.22-1.2) UNRELEASED; urgency=low Thanks to Ted T'so for the idea and Sergey Poznyakoff for cleaning up my original implementation. * Respect DEB_BUILD_OPTIONS=nocheck to conform with Policy 3.8.2 + * Avoid undefined behavior of passing NULL to strcmp, closes: #411485 + Thanks to Raúl Sánchez Siles for proposing this patch. - -- Carl Worth Tue, 04 Aug 2009 12:07:06 -0700 + -- Carl Worth Tue, 04 Aug 2009 14:16:09 -0700 tar (1.22-1.1) unstable; urgency=low diff --git a/lib/getopt.c b/lib/getopt.c index f1e6d1f..f1c0e1f 100644 --- a/lib/getopt.c +++ b/lib/getopt.c @@ -413,7 +413,7 @@ _getopt_internal_r (int argc, char **argv, const char *optstring, then exchange with previous non-options as if it were an option, then skip everything else like a non-option. */ - if (d->optind != argc && !strcmp (argv[d->optind], "--")) + if (d->optind != argc && argv[d->optind] && !strcmp (argv[d->optind], "--")) { d->optind++; -- 1.6.3.3