[PATCH] rsh.c unterminated string

The change I made to rsh.c would leave the string unterminated under
certain conditions, which unfortunately always applied!  This patch
fixes this.  For some reason this never bit on i386 or ppc, but bit me
on x86-64.

Fix situation where the buffer was not properly null-terminated.

Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Signed-off-by: Junio C Hamano <junkio@cox.net>

diff --git a/rsh.c b/rsh.c
index 1c63686..bad5cff 100644 (file)
--- a/rsh.c
+++ b/rsh.c
@@ -53,6 +53,7 @@ static int add_to_string(char **ptrp, int *sizep, const char *str, int quote)
        char *p = *ptrp;
        int size = *sizep;
        int oc;
+       int err = 0;
 
        if ( quote ) {
                oc = shell_quote(p, size, str);
@@ -62,15 +63,14 @@ static int add_to_string(char **ptrp, int *sizep, const char *str, int quote)
        }
 
        if ( oc >= size ) {
-               p[size-1] = '\0';
-               *ptrp += size-1;
-               *sizep = 1;
-               return 1;       /* Overflow, string unusable */
+               err = 1;
+               oc = size-1;
        }
 
        *ptrp  += oc;
+       **ptrp  = '\0';
        *sizep -= oc;
-       return 0;
+       return err;
 }
 
 int setup_connection(int *fd_in, int *fd_out, const char *remote_prog,