file_util.c: fix possible bad memory access in file_read_line_alloc()

[project/opkg-lede.git] / libopkg / file_util.c

diff --git a/libopkg/file_util.c b/libopkg/file_util.c
index 61ff736cd2c82a224cb10f48d14532b8224bd792..c0acec3f8f6abaeb4a69507559a28406ba129f82 100644 (file)
--- a/libopkg/file_util.c
+++ b/libopkg/file_util.c
@@ -59,17 +59,14 @@ int file_is_dir(const char *file_name)
 */
 char *file_read_line_alloc(FILE * fp)
 {
+       size_t buf_len, line_size;
        char buf[BUFSIZ];
-       unsigned int buf_len;
        char *line = NULL;
-       unsigned int line_size = 0;
        int got_nl = 0;
 
-       buf[0] = '\0';
-
        while (fgets(buf, BUFSIZ, fp)) {
                buf_len = strlen(buf);
-               if (buf[buf_len - 1] == '\n') {
+               if (buf_len > 0 && buf[buf_len - 1] == '\n') {
                        buf_len--;
                        buf[buf_len] = '\0';
                        got_nl = 1;
@@ -235,7 +232,7 @@ char *checksum_hex2bin(const char *src, size_t *len)
 {
        size_t slen;
        unsigned char *p;
-       const unsigned char *s = (unsigned char *)src;
+       const unsigned char *s;
        static unsigned char buf[32];
 
        if (!src) {
@@ -253,7 +250,7 @@ char *checksum_hex2bin(const char *src, size_t *len)
                return NULL;
        }
 
-       for (p = buf, *len = 0;
+       for (s = (unsigned char *)src, p = buf, *len = 0;
             slen > 0 && isxdigit(s[0]) && isxdigit(s[1]);
             slen--, s += 2, (*len)++)
                *p++ = hex2bin(s[0]) * 16 + hex2bin(s[1]);