From 4bf2a1ee91f5db11b9eb1f7ee7dc3326a8bd52e2 Mon Sep 17 00:00:00 2001 From: Gregory Nutt Date: Sat, 22 Feb 2020 17:53:28 -0600 Subject: [PATCH] tools/zds/zdsar.c: Correct memory corruption bug A pointer to a string in a memory buffer was losing its value. The reason was that the buffer was occasionally being used for other purposes. The fix is to strdup() the string so that there is a private, protected copy. --- tools/zds/zdsar.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/tools/zds/zdsar.c b/tools/zds/zdsar.c index 8acd42b95b..271bf96bef 100644 --- a/tools/zds/zdsar.c +++ b/tools/zds/zdsar.c @@ -384,7 +384,7 @@ static const char *convert_path(const char *path) g_posixpath[size] = '"'; } - g_posixpath[size+1] = '\0'; + g_posixpath[size + 1] = '\0'; return retptr; #else return path; @@ -465,6 +465,8 @@ static void parse_args(int argc, char **argv) } else if (strcmp(argv[argidx], "--library") == 0) { + const char *tmp_path; + argidx++; if (argidx >= argc) { @@ -479,7 +481,13 @@ static void parse_args(int argc, char **argv) * native mode. */ - library = (char *)convert_path(argv[argidx]); + tmp_path = convert_path(argv[argidx]); + library = strdup(tmp_path); + if (library == NULL) + { + fprintf(stderr, "ERROR: strdup() failed\n"); + exit(EXIT_FAILURE); + } } else if (strcmp(argv[argidx], "--obj-path") == 0) {