Xref: utzoo comp.bugs.2bsd:205 comp.bugs.4bsd:1488
Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!usc!apple!voder!wlbr!wlv!sms
From: sms@wlv.imsd.contel.com (Steven M. Schultz)
Newsgroups: comp.bugs.2bsd,comp.bugs.4bsd
Subject: /etc/lpc uses NULL pointer
Message-ID: <42688@wlbr.IMSD.CONTEL.COM>
Date: 17 Dec 89 19:56:38 GMT
Sender: news@wlbr.IMSD.CONTEL.COM
Reply-To: sms@wlv.imsd.contel.com (Steven M. Schultz)
Followup-To: comp.bugs.2bsd
Organization: Contel Federal Systems
Lines: 74

Subject: lpc references NULL pointer
Index:	usr.lib/lpr/lpc.c 2.10BSD

Description:
	Asking for help, either by "?" or "help" produces a parenthesized
	'null' at the end of the command list (on a pdp-11) or possibly
	a coredump on machines where NULL pointers are illegal.  'lpc' is not 
	checking properly for the end of the command list which is NULL 
	terminated.

Repeat-By:
	# /etc/lpc
	lpc> ?
	Commands may be abbreviated.  Commands are:

	abort   enable  disable help    restart status  topq    ?
	clean   exit    down    quit    start   stop    up      (null)
	lpc> quit
	# 

	The output SHOULD be:

	# ./lpc
	lpc> ?
	Commands may be abbreviated.  Commands are:

	abort   enable  disable help    restart status  topq    ?
	clean   exit    down    quit    start   stop    up      
	lpc> quit
	#

Fix:

	Apply the patch below to lpc.c, there are two changes - the first
	avoids doing "strlen" on a NULL pointer, the second prevents
	using NULL in a "printf".

*** lpc.c.old	Sun Feb 22 06:43:09 1987
--- lpc.c	Sun Dec 17 14:24:25 1989
***************
*** 193,199 ****
  		extern int NCMDS;
  
  		printf("Commands may be abbreviated.  Commands are:\n\n");
! 		for (c = cmdtab; c < &cmdtab[NCMDS]; c++) {
  			int len = strlen(c->c_name);
  
  			if (len > width)
--- 193,199 ----
  		extern int NCMDS;
  
  		printf("Commands may be abbreviated.  Commands are:\n\n");
! 		for (c = cmdtab; c->c_name; c++) {
  			int len = strlen(c->c_name);
  
  			if (len > width)
***************
*** 207,213 ****
  		for (i = 0; i < lines; i++) {
  			for (j = 0; j < columns; j++) {
  				c = cmdtab + j * lines + i;
! 				printf("%s", c->c_name);
  				if (c + lines >= &cmdtab[NCMDS]) {
  					printf("\n");
  					break;
--- 207,214 ----
  		for (i = 0; i < lines; i++) {
  			for (j = 0; j < columns; j++) {
  				c = cmdtab + j * lines + i;
! 				if (c->c_name)
! 					printf("%s", c->c_name);
  				if (c + lines >= &cmdtab[NCMDS]) {
  					printf("\n");
  					break;