Message-ID: <gh-postgresql-interfaces-psqlodbc-99@github.com>
From: "lvoege (@lvoege)" <noreply+lvoege@github.com>
To: "postgresql-interfaces/psqlodbc" <noreply+postgresql-interfaces-psqlodbc@github.com>
Date: Wed, 26 Mar 2025 00:08:35 +0000
Subject: [postgresql-interfaces/psqlodbc] issue #99: possible use of uninitialized memory in GetExeProgramName()
List-Id: <gh-postgresql-interfaces-psqlodbc.github.com>
X-GitHub-Author-Id: 5409684
X-GitHub-Author-Login: lvoege
X-GitHub-Issue: 99
X-GitHub-Repo: postgresql-interfaces/psqlodbc
X-GitHub-State: closed
X-GitHub-Type: issue
X-GitHub-Url: https://github.com/postgresql-interfaces/psqlodbc/issues/99
Content-Type: text/plain; charset=utf-8

while pointing valgrind at something unrelated it spotted the use of uninitialized memory in `po_basename()` in `mylog.c`. this is because `GetExeProgramName()` calls `readlink()`, `readlink()` doesn't add a terminating null and `GetExeProgramName()` doesn't add one itself, so the `strrchr()` in `po_basename()` can then start from garbage.

this fixes it:

~~~
diff --git a/mylog.c b/mylog.c
index 9377ad2..66e24a9 100644
--- a/mylog.c
+++ b/mylog.c
@@ -133,8 +133,10 @@ const char *GetExeProgramName()
 
                for (i = 0; i < sizeof(flist) / sizeof(flist[0]); i++)
                {
-                       if (readlink(flist[i], path_name, sizeof(path_name)) > 0)
+                       ssize_t len = readlink(flist[i], path_name, sizeof(path_name));
+                       if (len > 0)
                        {
+                               path_name[len] = 0;
                                /* fprintf(stderr, "i=%d pathname=%s\n", i, path_name); */
                                STRCPY_FIXED(exename, po_basename(path_name));
                                break;