From: Jim Meyering <meyering@redhat.com>
Date: Wed, 28 Dec 2011 17:30:50 +0000 (+0100)
Subject: tail: avoid theoretically undefined behavior
X-Git-Tag: v8.15~23
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6e00315bf290310895036fce979a7e0210871b63;p=thirdparty%2Fcoreutils.git

tail: avoid theoretically undefined behavior

* src/tail.c (start_lines): Do not form potentially-invalid address.
Use safe_read's return value as a pointer offset only after
ensuring that it is not SAFE_READ_ERROR (size_t)(-1).
Spotted by coverity.
Also, move declaration of "p" to be closer to first use.
---

diff --git a/src/tail.c b/src/tail.c
index 4581845d10..5d86da2d42 100644
--- a/src/tail.c
+++ b/src/tail.c
@@ -848,9 +848,7 @@ start_lines (const char *pretty_filename, int fd, uintmax_t n_lines,
   while (1)
     {
       char buffer[BUFSIZ];
-      char *p = buffer;
       size_t bytes_read = safe_read (fd, buffer, BUFSIZ);
-      char *buffer_end = buffer + bytes_read;
       if (bytes_read == 0) /* EOF */
         return -1;
       if (bytes_read == SAFE_READ_ERROR) /* error */
@@ -859,8 +857,11 @@ start_lines (const char *pretty_filename, int fd, uintmax_t n_lines,
           return 1;
         }
 
+      char *buffer_end = buffer + bytes_read;
+
       *read_pos += bytes_read;
 
+      char *p = buffer;
       while ((p = memchr (p, '\n', buffer_end - p)))
         {
           ++p;