From 6aef5e591f3fa1ceeedb22273d2fe04298b6e3fb Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 30 Nov 2009 21:48:33 +0100 Subject: Fix bug 6546: Avoid accessing buf[-1] if NUL byte comes from fgets --- source3/utils/eventlogadm.c | 5 ++++- source3/utils/net_rpc.c | 3 ++- source3/utils/smbget.c | 4 +++- 3 files changed, 9 insertions(+), 3 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/eventlogadm.c b/source3/utils/eventlogadm.c index 7fc04b008e..415330f68c 100644 --- a/source3/utils/eventlogadm.c +++ b/source3/utils/eventlogadm.c @@ -118,7 +118,10 @@ static int DoWriteCommand( int argc, char **argv, bool debugflag, char *exename if (fgets( linein, sizeof( linein ) - 1, f1 ) == NULL) { break; } - linein[strlen( linein ) - 1] = 0; /* whack the line delimiter */ + if ((strlen(linein) > 0) + && (linein[strlen(linein)-1] == '\n')) { + linein[strlen(linein)-1] = 0; + } if ( debugflag ) printf( "Read line [%s]\n", linein ); diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index fdb11f33a0..5b3b1e34d7 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -4262,8 +4262,9 @@ static bool get_user_tokens_from_file(FILE *f, return true; } - if (line[strlen(line)-1] == '\n') + if ((strlen(line) > 0) && (line[strlen(line)-1] == '\n')) { line[strlen(line)-1] = '\0'; + } if (line[0] == ' ') { /* We have a SID */ diff --git a/source3/utils/smbget.c b/source3/utils/smbget.c index b7d56cdcba..15fe1fd70a 100644 --- a/source3/utils/smbget.c +++ b/source3/utils/smbget.c @@ -94,7 +94,9 @@ static void get_auth_data(const char *srv, const char *shr, char *wg, int wglen, if (fgets(tmp, sizeof(tmp), stdin) == NULL) { return; } - if(tmp[strlen(tmp)-1] == '\n')tmp[strlen(tmp)-1] = '\0'; + if ((strlen(tmp) > 0) && (tmp[strlen(tmp)-1] == '\n')) { + tmp[strlen(tmp)-1] = '\0'; + } strncpy(un, tmp, unlen-1); } else if(username) strncpy(un, username, unlen-1); -- cgit