s3-utils: Correctly handle getenv() for the later system() call.
authorAndreas Schneider <asn@samba.org>
Mon, 10 Dec 2012 13:06:32 +0000 (14:06 +0100)
committerGünther Deschner <gd@samba.org>
Wed, 12 Dec 2012 14:00:02 +0000 (15:00 +0100)
The string returned by getenv() has an unknown size. You always need to
store the result in a char array with a certain size to make sure we
don't feed tainted data to the next function call.

Found by Coverity.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
source3/utils/interact.c

index 39ec7071760960ee451aa5c78a49cfc3172bf810..6d753dd012eb1d0b9c82e600a8641f1983916baa 100644 (file)
 #include <termios.h>
 
 static const char* get_editor(void) {
-       static const char* editor = NULL;
-       if (editor == NULL) {
-               editor = getenv("VISUAL");
-               if (editor == NULL) {
-                       editor = getenv("EDITOR");
+       static char editor[64] = {0};
+
+       if (editor[0] == '\0') {
+               const char *tmp = getenv("VISUAL");
+               if (tmp == NULL) {
+                       tmp = getenv("EDITOR");
                }
-               if (editor == NULL) {
-                       editor = "vi";
+               if (tmp == NULL) {
+                       tmp = "vi";
                }
+               snprintf(editor, sizeof(editor), "%s", tmp);
        }
+
        return editor;
 }
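Review bot: The `snprintf()` into `editor[64]` silently truncates a `VISUAL`/`EDITOR` value of 64 bytes or more, so get_editor() returns a shortened, and therefore different, command string for the later system() call named in the commit title. An empty value is also accepted as-is, which leaves `editor[0] == '\0'` and returns an empty command. Rejecting both before the copy keeps the fallback predictable: change the second check to `if (tmp == NULL || tmp[0] == '\0' || strlen(tmp) >= sizeof(editor)) {` so that `vi` is used instead. The fixed-size buffer bounds only the length, not the content, and the system() call site is outside this hunk; a comment on get_editor() should say that the result is still environment-controlled and will presumably be interpreted by a shell.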