diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2016-10-23 16:38:48 +0200 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2016-10-23 16:38:48 +0200 |
| commit | 5e087a83734fac4674a45a8ca8dd7e8bb1eb5d5e (patch) | |
| tree | a92609533b44295ea8850585a687e56319ed357f /winsup/utils | |
| parent | 9807a501b16cda8cf95042cde2a7d76eb7d3b9e1 (diff) | |
| download | newlib-5e087a83734fac4674a45a8ca8dd7e8bb1eb5d5e.zip newlib-5e087a83734fac4674a45a8ca8dd7e8bb1eb5d5e.tar.gz newlib-5e087a83734fac4674a45a8ca8dd7e8bb1eb5d5e.tar.bz2 | |
strace: Fix Coverity issues
CID 66964: Don't trust environment variable without length check
CID 66968: Add missing va_end
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Diffstat (limited to 'winsup/utils')
| -rw-r--r-- | winsup/utils/strace.cc | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/winsup/utils/strace.cc b/winsup/utils/strace.cc index eb96a61..4046cce 100644 --- a/winsup/utils/strace.cc +++ b/winsup/utils/strace.cc @@ -88,6 +88,7 @@ warn (int geterrno, const char *fmt, ...) fputs (buf, stderr); fputs ("\n", stderr); } + va_end (args); } static void __attribute__ ((noreturn)) @@ -351,13 +352,16 @@ create_child (char **argv) make_command_line (one_line, argv); SetConsoleCtrlHandler (NULL, 0); + const char *cygwin_env = getenv ("CYGWIN"); const char *space; - if (cygwin_env) + + if (cygwin_env && strlen (cygwin_env) <= 256) /* sanity check */ space = " "; else space = cygwin_env = ""; - char *newenv = (char *) malloc (sizeof ("CYGWIN=noglob") + strlen (space) + strlen (cygwin_env)); + char *newenv = (char *) malloc (sizeof ("CYGWIN=noglob") + + strlen (space) + strlen (cygwin_env)); sprintf (newenv, "CYGWIN=noglob%s%s", space, cygwin_env); _putenv (newenv); ret = CreateProcess (0, one_line.buf, /* command line */ |