From: Rich Felker Date: Mon, 16 Apr 2012 17:03:22 +0000 (-0400) Subject: fix crash in wordfree if we_offs is not initialized by the caller X-Git-Tag: v0.8.8~24 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=bef7a85e45ccc4b40958ca6d94894ca0d27e8291;p=oweals%2Fmusl.git fix crash in wordfree if we_offs is not initialized by the caller I'm not sure if it's legal for wordexp to modify this field, but this is the only easy/straightforward fix, and applications should not care. if it's an issue, i can work out a different (but more complex) solution later. --- diff --git a/src/misc/wordexp.c b/src/misc/wordexp.c index 4a3efc7b..34fc900a 100644 --- a/src/misc/wordexp.c +++ b/src/misc/wordexp.c @@ -82,6 +82,8 @@ static int do_wordexp(const char *s, wordexp_t *we, int flags) if (we->we_offs > SIZE_MAX/sizeof(void *)/4) return WRDE_NOSPACE; i += we->we_offs; + } else { + we->we_offs = 0; } if (pipe(p) < 0) return WRDE_NOSPACE;