From: Christos Zoulas <christos@zoulas.com>
Date: Tue, 12 Oct 2004 14:55:09 +0000 (+0000)
Subject: Fix stack overwrire on 0 length strings.
X-Git-Tag: FILE5_05~854
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=cf0c8687d1d43162cbbb7e4b752969c0df3a0229;p=file

Fix stack overwrire on 0 length strings.
---

diff --git a/ChangeLog b/ChangeLog
index 9e5ad6e8..2a0972f3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,9 @@
-2004-09-27 11:30  christos Zoulas  <christos@zoulas.com>
+2004 10-12 10:50  Christos Zoulas  <christos@zoulas.com>
+
+	* Fix stack overwriting on 0 length strings: Tim Waugh
+	    <twaugh@redhat.com>
+
+2004-09-27 11:30  Christos Zoulas  <christos@zoulas.com>
 
 	* Remove 3rd and 4th copyright clause; approved by Ian Darwin.
 
diff --git a/src/softmagic.c b/src/softmagic.c
index 6e9f4abc..5b832154 100644
--- a/src/softmagic.c
+++ b/src/softmagic.c
@@ -39,7 +39,7 @@
 
 
 #ifndef	lint
-FILE_RCSID("@(#)$Id: softmagic.c,v 1.67 2004/09/11 19:15:58 christos Exp $")
+FILE_RCSID("@(#)$Id: softmagic.c,v 1.68 2004/10/12 14:55:09 christos Exp $")
 #endif	/* lint */
 
 private int match(struct magic_set *, struct magic *, uint32_t,
@@ -422,27 +422,27 @@ mconvert(struct magic_set *ms, union VALUETYPE *p, struct magic *m)
 		return 1;
 	case FILE_STRING:
 		{
-			int n;
+			size_t len;
 
 			/* Null terminate and eat *trailing* return */
 			p->s[sizeof(p->s) - 1] = '\0';
-			n = strlen(p->s) - 1;
-			if (p->s[n] == '\n')
-				p->s[n] = '\0';
+			len = strlen(p->s);
+			if (len && p->s[len - 1] == '\n')
+				p->s[len - 1] = '\0';
 			return 1;
 		}
 	case FILE_PSTRING:
 		{
 			char *ptr1 = p->s, *ptr2 = ptr1 + 1;
-			unsigned int n = *p->s;
-			if (n >= sizeof(p->s))
-				n = sizeof(p->s) - 1;
-			while (n--)
+			size_t len = *p->s;
+			if (len >= sizeof(p->s))
+				len = sizeof(p->s) - 1;
+			while (len--)
 				*ptr1++ = *ptr2++;
 			*ptr1 = '\0';
-			n = strlen(p->s) - 1;
-			if (p->s[n] == '\n')
-				p->s[n] = '\0';
+			len = strlen(p->s);
+			if (len && p->s[len - 1] == '\n')
+				p->s[len - 1] = '\0';
 			return 1;
 		}
 	case FILE_BESHORT: