svn commit: r368503 - head/usr.sbin/crunch/crunchgen

[Stefan Eßer]

Author: se
Date: Thu Dec 10 09:31:05 2020
New Revision: 368503
URL: https://svnweb.freebsd.org/changeset/base/368503

Log:
  Lift scope of buf[] to make it extend to a potential access via *basename
  
  It can be assumed that the contents of the buffer was still allocated and
  valid at the point of the out-of-scope access, so there was no security
  issue in practice.
  
  Reported by:	Coverity Scan CID 1437697
  MFC after:	3 days

Modified:
  head/usr.sbin/crunch/crunchgen/crunched_main.c

Modified: head/usr.sbin/crunch/crunchgen/crunched_main.c
==============================================================================
--- head/usr.sbin/crunch/crunchgen/crunched_main.c	Thu Dec 10 09:30:09 2020	(r368502)
+++ head/usr.sbin/crunch/crunchgen/crunched_main.c	Thu Dec 10 09:31:05 2020	(r368503)
@@ -114,6 +114,7 @@ main(int argc, char **argv, char **envp)
 {
 	struct stub *ep = NULL;
 	const char *basename = NULL;
+	char buf[MAXPATHLEN];
 
 	/*
 	 * Look at __progname first (this will be set if the crunched binary is
@@ -141,7 +142,6 @@ main(int argc, char **argv, char **envp)
 	 * try AT_EXECPATH to get the actual binary that was executed.
 	 */
 	if (ep == NULL) {
-		char buf[MAXPATHLEN];
 		int error = elf_aux_info(AT_EXECPATH, &buf, sizeof(buf));
 
 		if (error == 0) {