mkfs: avoid heap-buffer-read-underrun for zero-length "size" arg

* mkfs.c (parse_size): ./mkfs.btrfs -A '' would read and possibly write the byte before beginning of strdup'd heap buffer. All other size-accepting options were similarly affected. Reviewed-by: Josef Bacik <josef@redhat.com>
author: Jim Meyering <meyering@redhat.com> 2012-04-20 21:27:26 +0200
committer: Hugo Mills <hugo@carfax.org.uk> 2012-06-05 19:56:20 +0100
commit: 8ad8e789fc03423a9f1d33051b592419399184bb (patch)
tree: dc577d4651138bca17253e6982472505c6d2a2c9
parent: 54e345b5c2339dee170595f686dbd26937620262 (diff)
2 files changed, 2 insertions, 2 deletions
diff --git a/cmds-subvolume.c b/cmds-subvolume.c
index fc749f12..a01c830d 100644
--- a/cmds-subvolume.c
+++ b/cmds-subvolume.c
@@ -380,7 +380,7 @@ static int cmd_snapshot(int argc, char **argv)
 
 	args.fd = fd;
 	strncpy(args.name, newname, BTRFS_SUBVOL_NAME_MAX);
-	args.name[BTRFS_PATH_NAME_MAX-1] = 0;
+	args.name[BTRFS_SUBVOL_NAME_MAX-1] = 0;
 	res = ioctl(fddst, BTRFS_IOC_SNAP_CREATE_V2, &args);
 	e = errno;
 
diff --git a/mkfs.c b/mkfs.c
index 03239fb3..4aff2fd5 100644
--- a/mkfs.c
+++ b/mkfs.c
@@ -63,7 +63,7 @@ static u64 parse_size(char *s)
 
 	s = strdup(s);
 
-	if (!isdigit(s[len - 1])) {
+	if (len && !isdigit(s[len - 1])) {
 		c = tolower(s[len - 1]);
 		switch (c) {
 		case 'g':
author	Jim Meyering <meyering@redhat.com>	2012-04-20 21:27:26 +0200
committer	Hugo Mills <hugo@carfax.org.uk>	2012-06-05 19:56:20 +0100
commit	8ad8e789fc03423a9f1d33051b592419399184bb (patch)
tree	dc577d4651138bca17253e6982472505c6d2a2c9
parent	54e345b5c2339dee170595f686dbd26937620262 (diff)