From e0cc53235475ba113fd9781e3951e05a0d5ae005 Mon Sep 17 00:00:00 2001
From: Deepak Bhole <dbhole@redhat.com>
Date: Tue, 15 Feb 2011 17:02:05 -0500
Subject: Fix S6983554, CVE-2010-4450: Launcher incorrect processing of empty
 library path entries

---
 launcher/java_md.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'launcher')

diff --git a/launcher/java_md.c b/launcher/java_md.c
index e3e5e6f..2e0e96b 100644
--- a/launcher/java_md.c
+++ b/launcher/java_md.c
@@ -484,7 +484,7 @@ CreateExecutionEnvironment(int *_argcp,
        * LD_LIBRARY_PATH.  Note that this prevents any possible infinite
        * loop of execv() because we test for the prefix, above.
        */
-      if (runpath != 0) {
+      if (runpath != 0 && (runpath[0] != '\0')) {
         strcat(new_runpath, ":");
         strcat(new_runpath, runpath);
       }
-- 
cgit v1.2.3