From: Francis Deslauriers <francis.deslauriers@efficios.com>
Date: Fri, 4 May 2018 16:07:34 +0000 (-0400)
Subject: Fix: zero out URL parsing array before use and ensure proper error reporting
X-Git-Tag: v1.5.6~4
X-Git-Url: http://git.efficios.com/?p=babeltrace.git;a=commitdiff_plain;h=340a47b8900142bf0bee9042c6595550c849bea4

Fix: zero out URL parsing array before use and ensure proper error reporting

The remain[2] array is being used uninitialized when such URI is used:
`net://localhost:1234`.
The following line (142) will return 1:
  `ret = sscanf(remain[0], ":%d%s", &ctx->port, remain[1]);`
because `sscanf` won't match on the string (%s) delimiter.
This will leave `remain[2]` uninitialized.

This potentially uninitialized array is being used further down the function.

As a fix, we zero out the array at initialization time to prevent the
`strlen(remain[2])` call from using uninitialized memory.

Signed-off-by: Francis Deslauriers <francis.deslauriers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
---

diff --git a/formats/lttng-live/lttng-live-plugin.c b/formats/lttng-live/lttng-live-plugin.c
index 4aedd22e..8c4b3076 100644
--- a/formats/lttng-live/lttng-live-plugin.c
+++ b/formats/lttng-live/lttng-live-plugin.c
@@ -103,7 +103,7 @@ int setup_sighandler(void)
 static
 int parse_url(const char *path, struct lttng_live_ctx *ctx)
 {
-	char remain[3][MAXNAMLEN];
+	char remain[3][MAXNAMLEN] = { 0 };
 	int ret = -1, proto, proto_offset = 0;
 	size_t path_len = strlen(path);	/* not accounting \0 */
 
@@ -185,6 +185,7 @@ int parse_url(const char *path, struct lttng_live_ctx *ctx)
 	if (ret != 2) {
 		fprintf(stderr, "[error] Format : "
 			"net://<hostname>/host/<traced_hostname>/<session_name>\n");
+		ret = -1;
 		goto end;
 	}