From 3d14c83e56bf6faac3325df0459aac1767769fbe Mon Sep 17 00:00:00 2001
From: Radim Kolar <>
Date: Tue, 9 Sep 2014 09:03:40 +0200
Subject: [PATCH] always validate path in setpro and mkdir - avoid
 uninitialized pointer access

---
 ChangeLog       |  5 ++++-
 server/server.c | 26 +++++++++++++-------------
 2 files changed, 17 insertions(+), 14 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index e6fa28b..63bf48b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -12,7 +12,10 @@ Version NEXT
 	Do not use sgmlformat, call jade directly
 	correctly zero entire sockaddr_in structure during name resolving,
 	  error found by clang.
-	allow docbook dsssl stylesheets to be specified at scons command line  
+	allow docbook dsssl stylesheets to be specified at scons command line
+	always validate path in SETPRO and MKDIR even if packet is resent and
+	  no action will be taken. This is needed to avoid uninitialised
+	  pointer access during reply. Found by Clang.
 
 Version 2.8.1b26 - 1 Oct 2009
 	fver now reports if server can process extra data in input packets.
diff --git a/server/server.c b/server/server.c
index ab9eeac..8195a50 100644
--- a/server/server.c
+++ b/server/server.c
@@ -728,16 +728,16 @@ static void server_process_packet (unsigned bytes, UBUF * ub, int old,
         send_error(from, ub, "Server is running in read-only mode") ;
 	return;
       }
-      if(!old)
+      pe = validate_path(s1,l1,&pp,&di,0);
+      if(pe)
       {
-	pe = validate_path(s1,l1,&pp,&di,0);
-	if(pe)
-	{
 	    ACTIONLOG1(L_MAKEDIR|L_ERR,"MAKEDIR");
 	    ACTIONFAILED(L_MAKEDIR|L_ERR,pe);
             send_error(from, ub, pe) ;
 	    return;
-	}
+      }
+      if(!old)
+      {
 	CHECK_ACCESS_RIGHTS(DIR_MKDIR,L_MAKEDIR);
 	pe=server_make_dir(&pp,inet_num,&di);
 	if(pe)
@@ -778,16 +778,16 @@ static void server_process_packet (unsigned bytes, UBUF * ub, int old,
         send_error(from, ub, "Server is running in read-only mode") ;
 	return;
       }
+      pe = validate_path(s1,l1,&pp,&di,1);
+      if(pe)
+      {
+         ACTIONLOG1(L_SETPRO|L_ERR,"SETPRO");
+         ACTIONFAILED(L_SETPRO|L_ERR,pe);
+         send_error(from, ub, pe) ;
+         return;
+      }
       if(!old)
       {
-	pe = validate_path(s1,l1,&pp,&di,1);
-	if(pe)
-	{
-          ACTIONLOG1(L_SETPRO|L_ERR,"SETPRO");
-	  ACTIONFAILED(L_SETPRO|L_ERR,pe);
-          send_error(from, ub, pe) ;
-	  return;
-	}
         CHECK_ACCESS_RIGHTS(DIR_OWNER,L_SETPRO);
 	pe = server_set_pro(di,s2);
 	if(pe)