From b933e768eba69798c9320d53902c76be13957a22 Mon Sep 17 00:00:00 2001 From: Noriko Hosoi Date: Tue, 1 Jul 2014 11:35:37 -0700 Subject: [PATCH 6/6] Ticket #47835 - Coverity: 12687..12692 12687 - Unbounded source buffer Description: To solve "Passing string argv[0] of unknown size to usage, which expects a string of a particular size", get ARG_MAX and pass it to slapi_ch_strndup. --- ldap/servers/slapd/tools/dbscan.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/ldap/servers/slapd/tools/dbscan.c b/ldap/servers/slapd/tools/dbscan.c index 023fade..bbfcd0e 100644 --- a/ldap/servers/slapd/tools/dbscan.c +++ b/ldap/servers/slapd/tools/dbscan.c @@ -1077,16 +1077,17 @@ is_changelog(char *filename) static void usage(char *argv0) { - char *copy = strdup(argv0); + long arg_max = sysconf(_SC_ARG_MAX); + char *copy = strndup(argv0, arg_max); char *p0 = NULL, *p1 = NULL; - if (NULL != copy) { + if (copy && (strlen(copy) < arg_max)) { /* the full path is not needed in the usages */ - p0 = strrchr(argv0, '/'); - if (NULL != p0) { + p0 = strrchr(copy, '/'); + if (p0) { *p0 = '\0'; p0++; } else { - p0 = argv0; + p0 = copy; } p1 = strrchr(p0, '-'); /* get rid of -bin from the usage */ if (NULL != p1) { @@ -1124,6 +1125,9 @@ static void usage(char *argv0) printf(" # display summary of objectclass.db4\n"); printf(" %s -f objectclass.db4\n", p0); printf("\n"); + if (copy) { + free(copy); + } exit(1); } -- 1.8.1.4