stdbuf: avoid even the appearance of a possible use-after-free

There was an execution path by which "libstdbuf" could be used after
being freed, but that would happen only if there were no libstdbuf.so
alongside the stdbuf program and there had been an installation error
leading to absence of the file, PKGLIBDIR/libstdbuf.so.
* src/stdbuf.c (set_LD_PRELOAD): Rearrange loop to make it perfectly
clear that there is no possibility of use-after-free.
Steve Grubb reported this possible use-after-free of "libstdbuf".

diff --git a/src/stdbuf.c b/src/stdbuf.c
index dce338f4fe2491c6dc8739c4a25a317b10d51813..607859ca1616c571423eeda22cecfb3d9af587a6 100644 (file)
--- a/src/stdbuf.c
+++ b/src/stdbuf.c
@@ -209,7 +209,7 @@ set_LD_PRELOAD (void)
   char const *const *path = search_path;
   char *libstdbuf;
 
-  do
+  while (true)
     {
       struct stat sb;
 
@@ -224,8 +224,11 @@ set_LD_PRELOAD (void)
       if (stat (libstdbuf, &sb) == 0)   /* file_exists  */
         break;
       free (libstdbuf);
+
+      ++path;
+      if ( ! *path)
+        error (EXIT_CANCELED, 0, _("failed to find %s"), quote (LIB_NAME));
     }
-  while (*++path);
 
   /* FIXME: Do we need to support libstdbuf.dll, c:, '\' separators etc?  */