Re: lib/58136: Use after free in libintl pgettext

To: lib-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,stix%stix.id.au@localhost
Subject: Re: lib/58136: Use after free in libintl pgettext
From: Paul Ripke <stix%stix.id.au@localhost>
Date: Thu, 11 Apr 2024 03:35:01 +0000 (UTC)

The following reply was made to PR lib/58136; it has been noted by GNATS.

From: Paul Ripke <stix%stix.id.au@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: 
Subject: Re: lib/58136: Use after free in libintl pgettext
Date: Thu, 11 Apr 2024 13:31:47 +1000

 Yeah, I looked around for other implementations and came up empty; looking
 at blame on the source, I came to the conclusion it's ours.
 
 After sleeping on it, I've amended my patch; I think this is more correct,
 although still rather ugly:
 
 diff --git a/lib/libintl/gettext.c b/lib/libintl/gettext.c
 index 424abbd2f567..0469e6512fdc 100644
 --- a/lib/libintl/gettext.c
 +++ b/lib/libintl/gettext.c
 @@ -176,6 +176,9 @@ pgettext_impl(const char *domainname, const char *msgctxt, const char *msgid1,
  		msgid2, n, category);
  	free(msgctxt_id);
  
 +	if (translation == msgctxt_id)
 +		return msgid1;
 +
  	p = strchr(translation, '\004');
  	if (p)
  		return p + 1;

Prev by Date: PR/57877 CVS commit: src
Next by Date: PR/58124 CVS commit: src/sys/dev/pci
Previous by Thread: Re: lib/58136: Use after free in libintl pgettext
Next by Thread: PR/58124 CVS commit: src/sys/dev/pci
Indexes:

Home | Main Index | Thread Index | Old Index