cedric pushed a commit to branch master.
http://git.enlightenment.org/core/efl.git/commit/?id=7143bd7fb5196f97003216528bfbfb8bec4826bd
commit 7143bd7fb5196f97003216528bfbfb8bec4826bd
Author: Daniel Hirt <daniel.h...@samsung.com>
Date: Wed Feb 4 14:08:32 2015 +0100
eina: fix valgrind invalid read of size in eina_file_path_sanitize.
Summary:
Apparently eina_tmpstr_strlen counts the null character as well. This
doesn't follow how strlen works, as the latter excludes it from the count.
This resulted in mistreatment of the string in _eina_file_escape, with
tmp_str paths that had "../".
This fix will do for now, but it is advised that we avoid using
eina_tmpstr_strlen, to prevent such confusions in the future.
Test Plan:
The following lines will throw a valgrind 'invalid read of size 1' error
prior this fix:
char *path = "home/mydir/../myfile";
Eina_Tmpstr *tmp_str = eina_tmpstr_add(path);
char *ret_path = eina_file_path_sanitize(path);
@fix
Reviewers: cedric, stefan_schmidt
Subscribers: tasn, cedric
Differential Revision: https://phab.enlightenment.org/D1929
Signed-off-by: Cedric BAIL <ced...@osg.samsung.com>
---
src/lib/eina/eina_file_common.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/lib/eina/eina_file_common.c b/src/lib/eina/eina_file_common.c
index 3e5b615..2c2406d 100644
--- a/src/lib/eina/eina_file_common.c
+++ b/src/lib/eina/eina_file_common.c
@@ -353,7 +353,7 @@ eina_file_path_sanitize(const char *path)
if (eina_file_path_relative(path))
{
result = eina_file_current_directory_get(path, len);
- len = eina_tmpstr_strlen(result);
+ len = eina_tmpstr_strlen(result) - 1; /* tmpstr lengths include '/0' */
}
else
result = path;
--
