Bug in cpio with multiple `reels', FIX
Bruce Robertson
bruce at stride.UUCP
Wed Mar 26 16:15:45 AEST 1986
Description:
There is a bug in cpio that causes it to do strange things, usually
either a core dump or an infinite loop, when you reach the 17th
`reel' of a multiple reel cpio file, such as with floppies.
Repeat-By:
Just do a directory listing, cpio -itvB, of a cpio file occupying
more than 17 `reels'.
Fix:
The problem is that cpio opens /dev/tty to prompt the user for
a new input file name, and never bothers to close it. Also, it
never checks to see if the open succeeded, resulting in a call
to fgets() with a null FILE pointer. This is what causes the
infinite loop and/or core dump. Here's the fix:
*** /usr/src/cmd/cpio.c-old Tue Mar 25 22:09:48 1986
--- /usr/src/cmd/cpio.c Tue Mar 25 22:09:53 1986
***************
*** 1173,1178
fprintf(stderr,"If you want to go on, type device/file name when ready\n");
devtty = fopen("/dev/tty", "r");
fgets(str, 20, devtty);
str[strlen(str) - 1] = '\0';
if(!*str)
exit(2);
--- 1176,1182 -----
fprintf(stderr,"If you want to go on, type device/file name when ready\n");
devtty = fopen("/dev/tty", "r");
fgets(str, 20, devtty);
+ fclose(devtty);
str[strlen(str) - 1] = '\0';
if(!*str)
exit(2);
--
Bruce Robertson
UUCP: cbosgd!utah-cs!utah-gr!stride!bruce
ARPA: stride!bruce at utah-gr.arpa
More information about the Net.bugs.usg
mailing list