Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
icon4.gif   Possible bug in elogd execute_shell, posted by Nigel Warr on Fri Feb 26 08:47:22 2016 
    icon2.gif   Re: Possible bug in elogd execute_shell, posted by Stefan Ritt on Fri Feb 26 09:09:03 2016 
Message ID: 68267     Entry time: Fri Feb 26 08:47:22 2016     Reply to this: 68268
Icon: Warning  Author: Nigel Warr  Author Email: warr@ikp.uni-koeln.de 
Category: Bug report  OS: Linux  ELOG Version: 3.1.1-1 
Subject: Possible bug in elogd execute_shell 

I was just playing around with gcc6's new feature for warning about misleading indentation (which can often hide real bugs) and I think it found one in elog-3.1.1-1 at src/elogd.c:22538. Here there is an if statement, which looks as though it should be inside a loop, but it isn't. The code is:

      for (i = 0; i < MAX_ATTACHMENTS; i++)
         generate_subdir_name(att_file[i], subdir, sizeof(subdir));
         if (att_file[i][0] && strlen(shell_cmd) + strlen(lbs->data_dir) + strl$
             < sizeof(shell_cmd) + 1)
{
            strcpy(p, "\"");
            strcat(p, lbs->data_dir);
            strlcat(str, subdir, sizeof(str));
            strlcpy(str, att_file[i], sizeof(str));
            str_escape(str, sizeof(str));
            strcat(p, str);
            strcat(p, "\" ");
            p += strlen(p);
         }

and the if statment is accessing the loop variable i but it is actually outside the loop. Presumably, there should be some more curly brackets here. gcc6 gave the warning:

src/elogd.c: In function ‘execute_shell’:
src/elogd.c:22538:10: warning: statement is indented as if it were guarded by... [-Wmisleading-indentation]
          if (att_file[i][0] && strlen(shell_cmd) + strlen(lbs->data_dir) + strlen(subdir) + strlen(att_file[i])
          ^~
src/elogd.c:22536:7: note: ...this ‘for’ clause, but it is not
       for (i = 0; i < MAX_ATTACHMENTS; i++)
       ^~~

ELOG V3.1.5-3fb85fa6