git.karo-electronics.de Git - karo-tx-linux.git/commit

author	Michal Nazarewicz <mina86@mina86.com>
	Tue, 5 Nov 2013 05:56:06 +0000 (16:56 +1100)
committer	Stephen Rothwell <sfr@canb.auug.org.au>
	Tue, 5 Nov 2013 05:56:06 +0000 (16:56 +1100)
commit	03c4d2b5fa692b23a4f9a56317999fdaf5aaf8d8
tree	719c8e5e138ed4bcb2eac585ed388e27e0e341f3	tree \| snapshot
parent	37ba1f6f12cd5cd710c081539d724ad37b8fde87	commit \| diff

gen_init_cpio: avoid NULL pointer dereference and rework env expanding

getenv() may return NULL if given environment variable does not exist
which leads to NULL dereference when calling strncat.

Besides that, the environment variable name was copied to a temporary
env_var buffer, but this copying can be avoided by simply using the input
string.

Lastly, the whole loop can be greatly simplified by using the snprintf
function instead of the playing with strncat.

By the way, the current implementation allows a recursive variable
expansion, as in:

$ echo 'out ${A} out ' | A='a ${B} a' B=b /tmp/a
out a b a out

I'm assuming this is just a side effect and not a conscious decision
(especially as this may lead to infinite loop), but I didn't want to
change this behaviour without consulting.

If the current behaviour is deamed incorrect, I'll be happy to send
a patch without recursive processing.

Signed-off-by: Michal Nazarewicz <mina86@mina86.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Jiri Kosina <jkosina@suse.cz>
Cc: Jesper Juhl <jj@codesealer.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>