From 33b3bb4e10ee96bfe5039adffd1cfaa6d2cc23b9 Mon Sep 17 00:00:00 2001
From: Peter Breitenlohner <address@hidden>
Date: Mon, 3 Aug 2009 13:34:08 +0200
Subject: [PATCH 5/5] locate: fix off-by-one bugs and enable assertions


Signed-off-by: Peter Breitenlohner <address@hidden>
---
 ChangeLog       |    5 +++++
 locate/locate.c |   17 ++++++++++++++---
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index caffb69..6e0c530 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,10 @@
 2009-08-03  Peter Breitenlohner  <address@hidden>
 
+	* locate/locate.c: Enable assertions and fix the off-by-one
+	bugs that prevented this.
+
+2009-08-03  Peter Breitenlohner  <address@hidden>
+
 	* locate/locate.c: Simplify handling of slocate databases.
 	Fix the bug assuming second path extends the first one.
 	* locate/testsuite/locate.gnu/slocate.{exp,xo}: New testcase
diff --git a/locate/locate.c b/locate/locate.c
index c32db70..d73354c 100644
--- a/locate/locate.c
+++ b/locate/locate.c
@@ -293,7 +293,7 @@ locate_read_str(char **buf, size_t *siz, FILE *fp, int delimiter, int offs)
 	      *buf = pnew;
 	    }
 	}
-      memcpy((*buf)+offs, p, nread);
+      memcpy((*buf)+offs, p, nread + 1);
       free(p);
     }
   return nread;
@@ -583,10 +583,21 @@ visit_locate02_format(struct process_data *procdata, void *context)
   nread = locate_read_str (&procdata->original_filename,
 			   &procdata->pathsize,
 			   procdata->fp, 0, procdata->count);
-  if (nread < 0)
+  if (nread < 1)
     return VISIT_ABORT;
   procdata->c = getc (procdata->fp);
-  procdata->len = procdata->count + nread;
+  procdata->len = procdata->count + nread - 1; /* Number of chars in path. */
+
+  if (procdata->len < 1)
+    {
+      /* This should not happen generally, but since we're
+       * reading in data which is outside our control, we
+       * cannot prevent it.
+       */
+      error(1, 0, _("locate database %s is corrupt or invalid"),
+	    quotearg_n_style(0, locale_quoting_style, procdata->dbfile));
+    }
+
   s = procdata->original_filename + procdata->len - 1; /* Move to the last char in path.  */
   assert (s[0] != '\0');
   assert (s[1] == '\0'); /* Our terminator.  */
-- 
1.6.4