Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/usr.sbin/makemandb Avoid possible buffer overflow while pars...
details: https://anonhg.NetBSD.org/src/rev/ebb57bc8e921
branches: trunk
changeset: 816444:ebb57bc8e921
user: abhinav <abhinav%NetBSD.org@localhost>
date: Wed Jul 06 08:52:01 2016 +0000
description:
Avoid possible buffer overflow while parsing NAME section of man(7) pages.
Also, simplify copyging of strings, use estrdupn instead of emalloc + memcpy.
Patch from christos@, XXX comment by me
diffstat:
usr.sbin/makemandb/makemandb.c | 26 +++++++++++++++-----------
1 files changed, 15 insertions(+), 11 deletions(-)
diffs (71 lines):
diff -r 8114c8b31bcd -r ebb57bc8e921 usr.sbin/makemandb/makemandb.c
--- a/usr.sbin/makemandb/makemandb.c Wed Jul 06 08:42:34 2016 +0000
+++ b/usr.sbin/makemandb/makemandb.c Wed Jul 06 08:52:01 2016 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: makemandb.c,v 1.38 2016/07/05 16:24:18 abhinav Exp $ */
+/* $NetBSD: makemandb.c,v 1.39 2016/07/06 08:52:01 abhinav Exp $ */
/*
* Copyright (c) 2011 Abhinav Upadhyay <er.abhinav.upadhyay%gmail.com@localhost>
* Copyright (c) 2011 Kristaps Dzonsons <kristaps%bsd.lv@localhost>
@@ -17,7 +17,7 @@
*/
#include <sys/cdefs.h>
-__RCSID("$NetBSD: makemandb.c,v 1.38 2016/07/05 16:24:18 abhinav Exp $");
+__RCSID("$NetBSD: makemandb.c,v 1.39 2016/07/06 08:52:01 abhinav Exp $");
#include <sys/stat.h>
#include <sys/types.h>
@@ -1312,7 +1312,7 @@
* (c) Move on to the one line description section, which is after the list
* of names in the NAME section.
* 2. Otherwise, it will check the section name and call the man_parse_section
- * function, passing the enum corresponding that section.
+ * function, passing the enum corresponding to that section.
*/
static void
pman_sh(const struct man_node *n, mandb_rec *rec)
@@ -1391,7 +1391,7 @@
int has_alias = 0; // Any more aliases left?
while (*name_desc) {
/* Remove any leading spaces or hyphens. */
- if (name_desc[0] == ' ' || name_desc[0] =='-') {
+ if (name_desc[0] == ' ' || name_desc[0] == '-') {
name_desc++;
continue;
}
@@ -1401,9 +1401,11 @@
if (rec->name == NULL) {
if (name_desc[sz] == ',')
has_alias = 1;
- name_desc[sz] = 0;
- rec->name = emalloc(sz + 1);
- memcpy(rec->name, name_desc, sz + 1);
+ rec->name = estrndup(name_desc, sz);
+ /* XXX This would only happen with a poorly
+ * written man page, maybe warn? */
+ if (name_desc[sz] == '\0')
+ break;
name_desc += sz + 1;
continue;
}
@@ -1414,13 +1416,15 @@
*/
if (rec->name && has_alias) {
if (name_desc[sz] != ',') {
- /* No more commas left -->
- * no more aliases to take out
- */
+ /* No more commas left --> no more
+ * aliases to take out */
has_alias = 0;
}
- name_desc[sz] = 0;
concat2(&rec->links, name_desc, sz);
+ /* XXX This would only happen with a poorly
+ * written man page, maybe warn? */
+ if (name_desc[sz] == '\0')
+ break;
name_desc += sz + 1;
continue;
}
Home |
Main Index |
Thread Index |
Old Index