From: Graham Percival <gperciva@tarsnap.com>
Date: Wed, 28 Sep 2016 18:02:34 +0000 (-0700)
Subject: Initialize subst rule->result pointer to NULL
X-Git-Tag: v3.2.2~9^2~10^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6d3ba9c0a03e57e20873ecd836da310fa3c9ddab;p=thirdparty%2Flibarchive.git

Initialize subst rule->result pointer to NULL

This is not directly useful in libarchive at the present time, but
it might be in the future.  If a project which uses this code adds
an atexit(3) handler to clean up memory, and somebody runs:
    bsdtar somestring -t
then "omestring" will be interpreted as an (invalid) substitution
rule and call lafe_errc().  However, if the atexit() handler then
calls cleanup_substition(), it will try to free(rule->result)
which was not initialized.

Sponsored by:	Tarsnap Backup Inc.
---

diff --git a/tar/subst.c b/tar/subst.c
index 4710e06a6..39c54acfd 100644
--- a/tar/subst.c
+++ b/tar/subst.c
@@ -84,6 +84,7 @@ add_substitution(struct bsdtar *bsdtar, const char *rule_text)
 	if (rule == NULL)
 		lafe_errc(1, errno, "Out of memory");
 	rule->next = NULL;
+	rule->result = NULL;
 
 	if (subst->last_rule == NULL)
 		subst->first_rule = rule;