RS: fix bug that overflows r_argv[]

. reported and debugged by Arne Welzel
	. problem is if there are too many args
	. there is a check, but then unconditional NULL termination

servers/rs/manager.c

@@ -181,11 +181,17 @@ PUBLIC void build_cmd_dep(struct rproc *rp)
           *cmd_ptr = '\0';			/* terminate previous */
 	  while (*++cmd_ptr == ' ') ; 		/* skip spaces */
 	  if (*cmd_ptr == '\0') break;		/* no arg following */
-	  if (arg_count>MAX_NR_ARGS+1) break;	/* arg vector full */
+	  /* There are ARGV_ELEMENTS elements; must leave one for null */
+	  if (arg_count>=ARGV_ELEMENTS-1) {	/* arg vector full */
+		printf("RS: build_cmd_dep: too many args\n");
+	  	break;
+	  }
+	  assert(arg_count < ARGV_ELEMENTS);
           rp->r_argv[arg_count++] = cmd_ptr;	/* add to arg vector */
       }
       cmd_ptr ++;				/* continue parsing */
   }
+  assert(arg_count < ARGV_ELEMENTS);
   rp->r_argv[arg_count] = NULL;			/* end with NULL pointer */
   rp->r_argc = arg_count;
   

servers/rs/type.h

@@ -50,7 +50,8 @@ struct rproc {
 
   char r_cmd[MAX_COMMAND_LEN];	/* raw command plus arguments */
   char r_args[MAX_COMMAND_LEN];	/* null-separated raw command plus arguments */
-  char *r_argv[MAX_NR_ARGS+2];  /* parsed arguments vector */
+#define ARGV_ELEMENTS (MAX_NR_ARGS+2) /* path, args, null */
+  char *r_argv[ARGV_ELEMENTS];
   int r_argc;  			/* number of arguments */
   char r_script[MAX_SCRIPT_LEN]; /* name of the restart script executable */