Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/netbsd-8]: src/lib/libutil Pull up following revision(s) (requested by k...



details:   https://anonhg.NetBSD.org/src/rev/55692e28d873
branches:  netbsd-8
changeset: 435093:55692e28d873
user:      martin <martin%NetBSD.org@localhost>
date:      Sun Jun 24 09:34:33 2018 +0000

description:
Pull up following revision(s) (requested by kamil in ticket #899):

        lib/libutil/passwd.c: revision 1.53

Prevent underflow buffer read in trim_whitespace() in libutil/passwd.c

If a string is empty or contains only white characters, the algorithm of
removal of white characters at the end of the passed string will read
buffer at index -1 and keep iterating backward.

Detected with MKSANITIZER/ASan when executing passwd(1).

diffstat:

 lib/libutil/passwd.c |  14 +++++++++++---
 1 files changed, 11 insertions(+), 3 deletions(-)

diffs (41 lines):

diff -r 3a0adcc9096e -r 55692e28d873 lib/libutil/passwd.c
--- a/lib/libutil/passwd.c      Sun Jun 24 09:32:03 2018 +0000
+++ b/lib/libutil/passwd.c      Sun Jun 24 09:34:33 2018 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: passwd.c,v 1.52 2012/06/25 22:32:47 abs Exp $  */
+/*     $NetBSD: passwd.c,v 1.52.24.1 2018/06/24 09:34:33 martin Exp $  */
 
 /*
  * Copyright (c) 1987, 1993, 1994, 1995
@@ -31,7 +31,7 @@
 
 #include <sys/cdefs.h>
 #if defined(LIBC_SCCS) && !defined(lint)
-__RCSID("$NetBSD: passwd.c,v 1.52 2012/06/25 22:32:47 abs Exp $");
+__RCSID("$NetBSD: passwd.c,v 1.52.24.1 2018/06/24 09:34:33 martin Exp $");
 #endif /* LIBC_SCCS and not lint */
 
 #include <sys/types.h>
@@ -503,13 +503,21 @@
 
        _DIAGASSERT(line != NULL);
 
+       /* Handle empty string */
+       if (*line == '\0')
+               return;
+
        /* Remove leading spaces */
        p = line;
        while (isspace((unsigned char) *p))
                p++;
        memmove(line, p, strlen(p) + 1);
 
-       /* Remove trailing spaces */
+       /* Handle empty string after removal of whitespace characters */
+       if (*line == '\0')
+               return;
+
+       /* Remove trailing spaces, line must not be empty string here */
        p = line + strlen(line) - 1;
        while (isspace((unsigned char) *p))
                p--;



Home | Main Index | Thread Index | Old Index