If the string was non-NULL but empty (str="\0"), the following \0 assignment
would write to str[-1] and thus cause memory corruption.

On PPC and MIPS, this was causing crashes in glibc.
---
 src/storage.c |    6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/storage.c b/src/storage.c
index 47bd0cb..20766a3 100644
--- a/src/storage.c
+++ b/src/storage.c
@@ -212,7 +212,11 @@ gchar **connman_storage_get_services()
        closedir(dir);
 
        str = g_string_free(result, FALSE);
-       if (str) {
+       if (str && str[0] != '\0') {
+               /*
+                * Remove the trailing separator so that services doesn't end up
+                * with an empty element.
+                */
                str[strlen(str) - 1] = '\0';
                services = g_strsplit(str, "/", -1);
        }
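Review bot: the unchanged `str[strlen(str) - 1] = '\0';` line still drops the last character without checking that it is the `/` separator. The new `str[0] != '\0'` guard removes the write to `str[-1]`, but the truncation remains correct only if every entry appended to `result` ends in `/`. Consider computing `len = strlen(str)` once and clearing `str[len - 1]` only when it equals `'/'`. Separately, the empty-string case now skips `g_strsplit`, so `services` keeps whatever value it had before this block. The hunk does not show its initialisation or where `str` is freed, so please confirm that `services` starts as NULL and that `str` is released on the path that skips the block.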
-- 
1.7.10.4

_______________________________________________
connman mailing list
[email protected]
http://lists.connman.net/listinfo/connman
