> On Tue, Jan 19, 2016 at 12:35:27PM +0100, Sunil Nimmagadda wrote:
>
> > > - dlen = strlen(dir);
> > > - while (dir[dlen-1] == '/')
> > > - dir[--dlen] = '\0'; /* strip trailing '/' */
>
> > dlen could never be zero as we are replacing dir[0] with '.' if
> > it's an empty field but that has another problem of wrong strlen(3)
> > values due to improper NUL termination. The simple fix is to skip
> > empty fields in PATH which I committed.
>
> Actually, the problem my diff was supposed to address is not empty
> fields, but fields containing a slash and nothing else. Then,
> dir[0] == '/' and dir[1] == '\0', so dlen == 1, and the while-loop
> quoted above runs, and *decrements dlen* to 0. Then, to check if the
> loop condition is still true, the program reads dir[-1]. If the
> slash-only field is at the beginning of the path (e.g.,
> PATH = "/:/bin:...") this means reading path[-1].
ah right, sorry, I misread your diff.
Ok to commit?
Index: cscope.c
===================================================================
RCS file: /cvs/src/usr.bin/mg/cscope.c,v
retrieving revision 1.15
diff -u -p -r1.15 cscope.c
--- cscope.c 19 Jan 2016 11:39:06 -0000 1.15
+++ cscope.c 19 Jan 2016 13:38:06 -0000
@@ -614,7 +614,7 @@ csexists(const char *cmd)
continue;
dlen = strlen(dir);
- while (dir[dlen-1] == '/')
+ while (dlen > 0 && dir[dlen-1] == '/')
dir[--dlen] = '\0'; /* strip trailing '/' */
len = snprintf(fname, sizeof(fname), "%s/%s", dir, cmd);
