From 2001fb6f81c6914abb8e00e21b4eeffbe186a7e3 Mon Sep 17 00:00:00 2001
From: Tyler Hicks <tyhicks@canonical.com>
Date: Wed, 5 Feb 2014 13:39:24 -0500
Subject: [PATCH] parser: Quiet valgrind false positive

strlen() assumes that it can read an entire word but when a char array
does not end on a word boundary, it reads past the end of the array.
This results in the following valgrind warning:

 Invalid read of size 4
    at 0x40A162: yylex() (parser_lex.l:277)
    by 0x40FA14: yyparse() (parser_yacc.c:1487)
    by 0x40C5B9: process_profile(int, char const*) (parser_main.c:1003)
    by 0x404074: main (parser_main.c:1340)
  Address 0x578d870 is 16 bytes inside a block of size 18 alloc'd
    at 0x4C2A420: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
    by 0x53E31C9: strdup (strdup.c:42)
    by 0x40A145: yylex() (parser_lex.l:276)
    by 0x40FA14: yyparse() (parser_yacc.c:1487)
    by 0x40C5B9: process_profile(int, char const*) (parser_main.c:1003)
    by 0x404074: main (parser_main.c:1340)

This patch quiets the warning by not using strlen(). This can be done
because yyleng already contains the length of string.

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org>
---
 parser/parser_lex.l | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/parser/parser_lex.l b/parser/parser_lex.l
index 1938297d7..1b6005336 100644
--- a/parser/parser_lex.l
+++ b/parser/parser_lex.l
@@ -273,8 +273,7 @@ LT_EQUAL	<=
 
 <INCLUDE>{
 	(\<([^\> \t\n]+)\>|\"([^\" \t\n]+)\")	{	/* <filename> */
-		char *filename = strdup(yytext);
-		filename[strlen(filename) - 1] = '\0';
+		char *filename = strndup(yytext, yyleng - 1);
 		include_filename(filename + 1, *filename == '<');
 		free(filename);
 		yy_pop_state();