eject: Fix OOB access with empty argument

The the supplied argument is an empty string, eject triggers an out of
boundary access due to strlen() - 1 calculation.

Verify that the string is not empty before checking its last character.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

diff --git a/sys-utils/eject.c b/sys-utils/eject.c
index 0debd0df334f3d26a14c1cda0c5ca17103a9af1a..5c03c712751dae93e1f5b051f67162b6809d73b9 100644 (file)
--- a/sys-utils/eject.c
+++ b/sys-utils/eject.c
@@ -868,9 +868,10 @@ int main(int argc, char **argv)
                verbose(&ctl, _("using default device `%s'"), ctl.device);
        } else {
                char *p;
+               size_t len = strlen(ctl.device);
 
-               if (ctl.device[strlen(ctl.device) - 1] == '/')
-                       ctl.device[strlen(ctl.device) - 1] = '\0';
+               if (len && ctl.device[len - 1] == '/')
+                       ctl.device[len - 1] = '\0';
 
                /* figure out full device or mount point name */
                p = find_device(ctl.device);