From 07f3fee164bd7ba14ce9b2dd3818006f07162845 Mon Sep 17 00:00:00 2001 From: "Christopher R. Palmer" Date: Mon, 22 Sep 2014 14:35:54 -0400 Subject: [PATCH] init: Fix memory corruption when sanitizing platform paths This commit fixes code that incorrectly increments s when it hits the terminator character of the string being sanitized. This means it will randomly start trashing memory beyond the end of the string being sanitized until it happens to hit two NULs (\0\0) which will break it out of the loop. Change-Id: I76553d7f183236a78a0bc7b408e92559b98f732f --- init/util.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/init/util.c b/init/util.c index 0f69e1c5f..e1a3ee33a 100644 --- a/init/util.c +++ b/init/util.c @@ -329,9 +329,9 @@ void sanitize(char *s) if (!s) return; - for (; *s; s++) { + while (*s) { s += strspn(s, accept); - if (*s) *s = '_'; + if (*s) *s++ = '_'; } }