[uri] Handle an empty unparse_uri() result properly
authorJoshua Oreman <oremanj@rwcr.net>
Wed, 27 Jan 2010 04:55:23 +0000 (23:55 -0500)
committerMarty Connor <mdc@etherboot.org>
Wed, 27 Jan 2010 13:50:49 +0000 (08:50 -0500)
Previously, if none of the URI parts requested existed in the passed
URI, unparse_uri() would not touch the destination buffer at all; this
could lead to use of uninitialized data. Fix by setting buf[0] = '\0'
before unparsing whenever we have room to do so.

Signed-off-by: Joshua Oreman <oremanj@rwcr.net>
Signed-off-by: Marty Connor <mdc@etherboot.org>
src/core/uri.c

index 9666778..6a1f2e5 100644 (file)
@@ -225,12 +225,13 @@ int unparse_uri ( char *buf, size_t size, struct uri *uri,
        dump_uri ( uri );
        DBG ( "\n" );
 
+       /* Ensure buffer is NUL-terminated */
+       if ( size )
+               buf[0] = '\0';
+
        /* Special-case NULL URI */
-       if ( ! uri ) {
-               if ( size )
-                       buf[0] = '\0';
+       if ( ! uri )
                return 0;
-       }
 
        /* Iterate through requested fields */
        for ( i = URI_FIRST_FIELD; i <= URI_LAST_FIELD; i++ ) {