mg(1): strchr() may return NULL

Joachim Nilsson Sun, 25 Aug 2019 12:20:40 -0700

The new Scheme-like interpreter may do a NULL pointer deref.  when
strchr() fails.   Check pointer before NUL terminating.


--- a/src/interpreter.c
+++ b/src/interpreter.c
@@ -122,10 +122,12 @@ multiarg(char *funstr)
                        *fendp = '\0';
                return(excline(cmdp));
        }
+
        if ((fendp = strchr(cmdp, ' ')) == NULL)
                fendp = strchr(cmdp, '\t');
+       if (fendp)
+               *fendp = '\0';

-       *fendp = '\0';
        /*
         * If no extant mg command found, just return.
         */

mg(1): strchr() may return NULL

Reply via email to