use of uninitialised value in input_file_open

Triggered by a file containing just "#N" or "#A".  fgets when hitting
EOF before reading anything returns NULL and does not write to buf.
strchr (buf, '\n') then is reading from uninitialised memory.

	* input-file.c (input_file_open): Don't assume buf contains
	zero string terminator when fgets returns NULL.

diff --git a/gas/input-file.c b/gas/input-file.c
index f1085c1f0f15025040d21afbe7fd58b33f0fa385..d7cf56cc09a389c9f37ad4c3fa8ba66a1080cf4a 100644 (file)
--- a/gas/input-file.c
+++ b/gas/input-file.c
@@ -170,20 +170,20 @@ input_file_open (const char *filename,
       c = getc (f_in);
       if (c == 'N')
        {
-         if (fgets (buf, sizeof (buf), f_in)
-             && startswith (buf, "O_APP") && ISSPACE (buf[5]))
+         char *p = fgets (buf, sizeof (buf), f_in);
+         if (p && startswith (p, "O_APP") && ISSPACE (p[5]))
            preprocess = 0;
-         if (!strchr (buf, '\n'))
-           ungetc ('#', f_in); /* It was longer.  */
+         if (!p || !strchr (p, '\n'))
+           ungetc ('#', f_in);
          else
            ungetc ('\n', f_in);
        }
       else if (c == 'A')
        {
-         if (fgets (buf, sizeof (buf), f_in)
-             && startswith (buf, "PP") && ISSPACE (buf[2]))
+         char *p = fgets (buf, sizeof (buf), f_in);
+         if (p && startswith (p, "PP") && ISSPACE (p[2]))
            preprocess = 1;
-         if (!strchr (buf, '\n'))
+         if (!p || !strchr (p, '\n'))
            ungetc ('#', f_in);
          else
            ungetc ('\n', f_in);