getstoredxa: fix missing null termination in ts buffer

As reported at https://forums.gentoo.org/viewtopic-p-8294330.html , the ts[] buffer was not null-terminated, which means that sscanf reads into uninitialized memory, and we could get garbage values for the timestamp. This could lead to false positives like: Error: corrupt file "/usr/share/zoneinfo/Africa/Libreville" Fix the issue by initializing the whole array to zero. Thanks to mike155 ( https://forums.gentoo.org/viewtopic-p-8294330.html#8294330 ) for the analysis!
rfjakob · Jan 2, 2019 · 26873dd · 26873dd
1 parent b56c888
commit 26873dd
Showing 1 changed file with 6 additions and 4 deletions.
diff --git a/cshatag.c b/cshatag.c
@@ -151,12 +151,14 @@ xa_t getstoredxa(FILE *f)
 	 * 1335974989.123456789
 	 *    10     .     9     => len=20
 	 */
-	char ts[100];
+
 	/*
-	 * Initialize to zero-length string - if fgetxattr fails this is what we get
+	 * Initialize to all-zero so that:
+	 * 1) If fgetxattr fails we get a zero-length string
+	 * 2) If fgetxattr suceeds we have at least one null terminator
 	 */
-	ts[0]=0;
-	fgetxattr(fd, "user.shatag.ts", ts, sizeof(ts));
+	char ts[100]={0};
+	fgetxattr(fd, "user.shatag.ts", ts, sizeof(ts)-1);
 	/*
 	 * If sscanf fails (because ts is zero-length) variables stay zero
 	 */