[PATCH] libb: fix DEREF_OF_NULL.EX in securetty.c

Anton Moryakov ant.v.moryakov at gmail.com
Wed Jan 29 20:36:54 UTC 2025


Report of the static analyzer:
DEREF_OF_NULL.EX After having been assigned to a NULL value at securetty.c:17, pointer 'buf' is dereferenced at securetty.c:15 by calling function 'strcmp'.

Corrections explained:
1. Added a check `buf != NULL` before calling `strcmp` to prevent
dereferencing a NULL pointer.

2. The logic of the function remains unchanged: if `buf` is not NULL
after the loop ends, it means either the file `/etc/securetty` was
not found, it is empty, or a line matching `short_tty` was found.
In all these cases, the function returns 1 (TTY is considered secure).

Triggers found by static analyzer Svace.

Signed-off-by: Anton Moryakov <ant.v.moryakov at gmail.com>

---
 libbb/securetty.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libbb/securetty.c b/libbb/securetty.c
index 21354e2fa..effaa3b47 100644
--- a/libbb/securetty.c
+++ b/libbb/securetty.c
@@ -12,7 +12,7 @@ int FAST_FUNC is_tty_secure(const char *short_tty)
 	char *buf = (char*)"/etc/securetty"; /* any non-NULL is ok */
 	parser_t *parser = config_open2("/etc/securetty", fopen_for_read);
 	while (config_read(parser, &buf, 1, 1, "# \t", PARSE_NORMAL)) {
-		if (strcmp(buf, short_tty) == 0)
+		if (buf != NULL && strcmp(buf, short_tty) == 0)
 			break;
 		buf = NULL;
 	}
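Review bot: the `buf != NULL` guard added on the `strcmp` line looks like dead code rather than a fix, because `config_read` is called with a minimum token count of 1 (the fourth argument) and returns nonzero only after it has stored that token through `&buf`; the `buf = NULL;` on the next line is therefore overwritten before the loop body runs again, and the analyzer's path from line 17 back to line 15 cannot occur. If the intent is only to quiet the DEREF_OF_NULL.EX report, a short comment on the `buf = NULL;` line stating that `config_read` reassigns it on every successful iteration would document the invariant without adding a branch; otherwise the commit message should name the input for which `config_read` can return nonzero while leaving `buf` NULL. Behaviour for the exit path is unchanged either way: when `config_read` returns 0 the loop ends with `buf` already NULL (or with the initial non-NULL value if no line was ever read), exactly as before the patch.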
-- 
2.30.2