Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/lib/libedit PR/54117: Paavo Helde: Fix memory overrun: Accou...
details: https://anonhg.NetBSD.org/src/rev/c1377d604c12
branches: trunk
changeset: 455772:c1377d604c12
user: christos <christos%NetBSD.org@localhost>
date: Fri Apr 12 15:12:29 2019 +0000
description:
PR/54117: Paavo Helde: Fix memory overrun: Account for the closing quote
in memory allocation if quoted.
diffstat:
lib/libedit/filecomplete.c | 30 ++++++++++++++++++++++++------
1 files changed, 24 insertions(+), 6 deletions(-)
diffs (84 lines):
diff -r 28b3ec256ce0 -r c1377d604c12 lib/libedit/filecomplete.c
--- a/lib/libedit/filecomplete.c Fri Apr 12 11:02:22 2019 +0000
+++ b/lib/libedit/filecomplete.c Fri Apr 12 15:12:29 2019 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: filecomplete.c,v 1.53 2019/03/31 03:04:57 abhinav Exp $ */
+/* $NetBSD: filecomplete.c,v 1.54 2019/04/12 15:12:29 christos Exp $ */
/*-
* Copyright (c) 1997 The NetBSD Foundation, Inc.
@@ -31,7 +31,7 @@
#include "config.h"
#if !defined(lint) && !defined(SCCSID)
-__RCSID("$NetBSD: filecomplete.c,v 1.53 2019/03/31 03:04:57 abhinav Exp $");
+__RCSID("$NetBSD: filecomplete.c,v 1.54 2019/04/12 15:12:29 christos Exp $");
#endif /* not lint && not SCCSID */
#include <sys/types.h>
@@ -159,6 +159,20 @@
}
}
+static int
+needs_dquote_escaping(char c)
+{
+ switch (c) {
+ case '"':
+ case '\\':
+ case '`':
+ case '$':
+ return 1;
+ default:
+ return 0;
+ }
+}
+
static wchar_t *
unescape_string(const wchar_t *string, size_t length)
@@ -189,13 +203,14 @@
size_t d_quoted = 0; /* does the input contain a double quote */
char *escaped_str;
wchar_t *temp = el->el_line.buffer;
+
if (filename == NULL)
return NULL;
while (temp != el->el_line.cursor) {
/*
- * If we see a single quote but have not seen a double quote so far
- * set/unset s_quote
+ * If we see a single quote but have not seen a double quote
+ * so far set/unset s_quote
*/
if (temp[0] == '\'' && !d_quoted)
s_quoted = !s_quoted;
@@ -218,7 +233,7 @@
continue;
}
/* Inside double quotes only ", \, ` and $ need escaping */
- if (d_quoted && (c == '"' || c == '\\' || c == '`' || c == '$')) {
+ if (d_quoted && needs_dquote_escaping(c)) {
escaped_character_count++;
continue;
}
@@ -227,6 +242,9 @@
}
newlen = original_len + escaped_character_count + 1;
+ if (s_quoted || d_quoted)
+ newlen++;
+
if ((escaped_str = el_malloc(newlen)) == NULL)
return NULL;
@@ -256,7 +274,7 @@
/* No escaping needed inside a double quoted string either
* unless we see a '$', '\', '`', or '"' (itself)
*/
- if (d_quoted && c != '"' && c != '$' && c != '\\' && c != '`') {
+ if (d_quoted && !needs_dquote_escaping(c)) {
escaped_str[offset++] = c;
continue;
}
Home |
Main Index |
Thread Index |
Old Index