URL: <https://savannah.gnu.org/bugs/?59133>
Summary: strdup without error handling in print.c:do_fprintf() Project: findutils Submitted by: x251 Submitted on: Fri 18 Sep 2020 07:07:33 PM UTC Category: find Severity: 3 - Normal Item Group: None Status: None Privacy: Public Assigned to: None Originator Name: Originator Email: Open/Closed: Open Release: 4.7.0 Discussion Lock: Any Fixed Release: None _______________________________________________________ Details: strdup() is called and the resulting pointer is dereferenced without NULL check: case 'h': /* leading directories part of path */ /* sanitised */ { char *pname = strdup (pathname); /* Remove trailing slashes - unless it's the root '/' directory. */ char *s = pname + strlen (pname) -1; for ( ; pname <= s; s--) (Reported by Infer) _______________________________________________________ Reply to this item at: <https://savannah.gnu.org/bugs/?59133> _______________________________________________ Message sent via Savannah https://savannah.gnu.org/