6764766 Array overrun in libsecdb

1 files changed, 12 insertions, 14 deletions

diff --git a/usr/src/lib/libsecdb/common/secdb.c b/usr/src/lib/libsecdb/common/secdb.c
index 8d2b00829a..01bfa84c46 100644
--- a/usr/src/lib/libsecdb/common/secdb.c
+++ b/usr/src/lib/libsecdb/common/secdb.c
@@ -2,9 +2,8 @@
  * CDDL HEADER START
  *
  * The contents of this file are subject to the terms of the
- * Common Development and Distribution License, Version 1.0 only
- * (the "License").  You may not use this file except in compliance
- * with the License.
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
  *
  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  * or http://www.opensolaris.org/os/licensing.
@@ -20,11 +19,10 @@
  * CDDL HEADER END
  */
 /*
- * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
-#pragma ident	"%Z%%M%	%I%	%E% SMI"
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -317,16 +315,16 @@ _argv_to_csl(char **strings)
 	for (i = 0; strings[i] != NULL; i++) {
 		len += strlen(strings[i]) + 1;
 	}
-	if ((newstr = (char *)malloc(len + 1)) == NULL) {
+	if ((len > 0) && ((newstr = (char *)malloc(len + 1)) != NULL)) {
+		(void) memset(newstr, 0, len);
+		for (i = 0; strings[i] != NULL; i++) {
+			(void) strcat(newstr, strings[i]);
+			(void) strcat(newstr, ",");
+		}
+		newstr[len-1] = NULL;
+		return (newstr);
+	} else
 		return ((char *)NULL);
-	}
-	(void) memset(newstr, 0, len);
-	for (i = 0; strings[i] != NULL; i++) {
-		(void) strcat(newstr, strings[i]);
-		(void) strcat(newstr, ",");
-	}
-	newstr[len-1] = NULL;
-	return (newstr);
 }