main_apphead_string()
setharnold opened this issue · comments
Hello, I gave xdelta3 a very quick look as part of the Ubuntu main inclusion process:
https://bugs.launchpad.net/ubuntu/+source/xdelta3/+bug/1647222
Can main_apphead_string() be tricked by an x input that ends with a / char?
static const char*
main_apphead_string (const char* x)
{
const char *y;
if (x == NULL) { return ""; }
if (strcmp (x, "/dev/stdin") == 0 ||
strcmp (x, "/dev/stdout") == 0 ||
strcmp (x, "/dev/stderr") == 0) { return "-"; }
// TODO: this is not portable
return (y = strrchr (x, '/')) == NULL ? x : y + 1;
}
If the input ends with / then the return value will point the NUL at the end. Are the callers prepared to handle this case? Or is this input forbidden elsewhere?
Thanks