[U-Boot] [PATCH 1/1] null dereference in hush.c

Niv Shetrit Niv.Shetrit at altair-semi.com
Tue Aug 20 06:30:46 UTC 2019


This patch fixes a potential null dereference and corrects a few typos.

It has been detected by our static code analysis system.

The diff was created using p4.

The row numbering is incorrect because we're using outdated code.

Signed-off-by: Niv Shetrit Niv.Shetrit at altair-semi.com<mailto:Niv.Shetrit at altair-semi.com>

Commons/cli_hush.c

@@ -3508,9 +3508,9 @@
               char *p, *p1, *res_str = NULL;
                while ((p = strchr(inp, SPECIAL_VAR_SYMBOL))) {
-                              /* check the beginning of the string for normal charachters */
+                             /* check the beginning of the string for normal characters */
                               if (p != inp) {
-                                              /* copy any charachters to the result string */
+                                             /* copy any characters to the result string */
                                               len = p - inp;
                                               res_str = xrealloc(res_str, (res_str_len + len));
                                               strncpy((res_str + res_str_len), inp, len);
@@ -3518,41 +3518,42 @@
                               }
                               inp = ++p;
                               /* find the ending marker */
-                              p = strchr(inp, SPECIAL_VAR_SYMBOL);
-                              *p = '\0';
-                              /* look up the value to substitute */
-                              if ((p1 = lookup_param(inp))) {
-                                              if (tag_subst)
-                                                              len = res_str_len + strlen(p1) + 2;
-                                              else
-                                                              len = res_str_len + strlen(p1);
-                                              res_str = xrealloc(res_str, (1 + len));
-                                              if (tag_subst) {
-                                                              /*
-                                                              * copy the variable value to the result
-                                                              * string
-                                                              */
-                                                              strcpy((res_str + res_str_len + 1), p1);
+                             if ((p = strchr(inp, SPECIAL_VAR_SYMBOL))) {
+                                             *p = '\0';
+                                             /* look up the value to substitute */
+                                             if ((p1 = lookup_param(inp))) {
+                                                             if (tag_subst)
+                                                                             len = res_str_len + strlen(p1) + 2;
+                                                             else
+                                                                             len = res_str_len + strlen(p1);
+                                                             res_str = xrealloc(res_str, (1 + len));
+                                                             if (tag_subst) {
+                                                                             /*
+                                                                             * copy the variable value to the result
+                                                                             * string
+                                                                             */
+                                                                             strcpy((res_str + res_str_len + 1), p1);
-                                                              /*
-                                                              * mark the replaced text to be accepted as
-                                                              * is
-                                                              */
-                                                              res_str[res_str_len] = SUBSTED_VAR_SYMBOL;
-                                                              res_str[res_str_len + 1 + strlen(p1)] =
-                                                                              SUBSTED_VAR_SYMBOL;
-                                              } else
-                                                              /*
-                                                              * copy the variable value to the result
-                                                              * string
-                                                              */
-                                                              strcpy((res_str + res_str_len), p1);
+                                                                             /*
+                                                                             * mark the replaced text to be accepted as
+                                                                             * is
+                                                                             */
+                                                                             res_str[res_str_len] = SUBSTED_VAR_SYMBOL;
+                                                                             res_str[res_str_len + 1 + strlen(p1)] =
+                                                                                             SUBSTED_VAR_SYMBOL;
+                                                             } else
+                                                                             /*
+                                                                             * copy the variable value to the result
+                                                                             * string
+                                                                             */
+                                                                             strcpy((res_str + res_str_len), p1);
-                                              res_str_len = len;
+                                                             res_str_len = len;
+                                             }
+                                             *p = SPECIAL_VAR_SYMBOL;
+                                             inp = ++p;
+                                             done = 1;
                               }
-                              *p = SPECIAL_VAR_SYMBOL;
-                              inp = ++p;
-                              done = 1;
               }
               if (done) {
                               res_str = xrealloc(res_str, (1 + res_str_len + strlen(inp)));
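Review bot: When the closing `SPECIAL_VAR_SYMBOL` is missing, `done = 1` is now skipped together with the substitution, so the `if (done)` tail that sizes `res_str` for the terminator and appends the rest of `inp` may never run. If the miss happens on the first iteration after a literal prefix, `res_str` holds only the bytes written by the `strncpy` in the first hunk, with no NUL; the function's return is outside this hunk, but if it hands back a non-NULL `res_str` the caller would read past the allocation. A smaller fix that avoids re-indenting the whole block is a guard directly after the `strchr`: `if (!p) { done = 1; break; }`, which keeps the remaining text as literal input and still lets the tail terminate the string. A short comment there, for example `/* no closing marker: treat the rest as literal text */`, would record the intent.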



