true, false: perform initialization only when argc == 2

* src/true.c (main): There is no reason to examine argv[0],
call atexit, etc., in the usual case in which we're about to exit.
This has the side effect of making it so that these programs
no longer segfault when subjected to execve abuse.
Before this change, these commands would make "true" segfault:
  printf '%s\n' '#include <unistd.h>' 'int main(int c, char**v)' \
    '{ execve (v[1], 0, 0); }' > k.c && gcc k.c && ./a.out $PWD/true
Now it succeeds.  Reported by Tetsuo Handa and Bart Van Assche
via Ondřej Vašík in http://bugzilla.redhat.com/537684.

diff --git a/src/true.c b/src/true.c
index f3e937f5a937f8b1ea075fd600e9ff52b240ec3a..d9d0118c2e4f6c390c1428a995ae8631af29e2a8 100644 (file)
--- a/src/true.c
+++ b/src/true.c
@@ -54,18 +54,18 @@ Usage: %s [ignored command line arguments]\n\
 int
 main (int argc, char **argv)
 {
-  initialize_main (&argc, &argv);
-  set_program_name (argv[0]);
-  setlocale (LC_ALL, "");
-  bindtextdomain (PACKAGE, LOCALEDIR);
-  textdomain (PACKAGE);
-
-  atexit (close_stdout);
-
   /* Recognize --help or --version only if it's the only command-line
      argument.  */
   if (argc == 2)
     {
+      initialize_main (&argc, &argv);
+      set_program_name (argv[0]);
+      setlocale (LC_ALL, "");
+      bindtextdomain (PACKAGE, LOCALEDIR);
+      textdomain (PACKAGE);
+
+      atexit (close_stdout);
+
       if (STREQ (argv[1], "--help"))
         usage (EXIT_STATUS);