Re: [hackers] [sbase][PATCH] fix segfault in basename

From: Roberto E. Vargas Caballero <k0ga_AT_shike2.net>
Date: Mon, 3 Nov 2025 11:34:30 +0100

Hi,

On Sat, Nov 01, 2025 at 10:55:43PM -0400, Carlos J. Torres wrote:
> diff --git a/basename.c b/basename.c
> index 94a2848..b3193ef 100644
> --- a/basename.c
> +++ b/basename.c
> _AT_@ -26,7 +26,7 @@ main(int argc, char *argv[])
> usage();
>
> p = basename(argv[0]);
> - if (argc == 2) {
> + if (argc == 2 && strlen(argv[1]) > 0) {
> off = strlen(p) - strlen(argv[1]);
> if (off > 0 && !strcmp(p + off, argv[1]))
> p[off] = '\0';

Can you provide an example of the segfault? Reading the
code seems that it works with an empty argv[1], because
off will be equivalent to the length of p, and p + off
is just a pointer to the nul terminating character of
p, and then as argv[1] == '\0' and p[off] == '\0' then
strcmp will be true and he will just overwrite the '\0'
from p[off] with another '\0', so no actual change.

Regards,
Received on Mon Nov 03 2025 - 11:34:30 CET