[src/trunk]: src/usr.bin/seq Rerun valid_format() both before and after unesc...

[dholland <dholland%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/ca1ed8d00827
branches:  trunk
changeset: 755198:ca1ed8d00827
user:      dholland <dholland%NetBSD.org@localhost>
date:      Thu May 27 08:40:19 2010 +0000

description:
Rerun valid_format() both before and after unescaping the format
string, in case the format string contains printf conversions
assembled from escape sequences.

A better approach might be to adjust the unescape logic to avoid
generating printf conversions (e.g. convert \x25 to %% instead of %)
but that's somewhat problematic and it's not really worth taking the
trouble.

Running valid_format() only after unescaping would also be somewhat
tidier but makes printing the invalid format string problematic,
because the unescape logic runs in place.

None of these cases are really worth worrying about in detail, but now
at least they don't result in SIGSEGV.

Related to PR 43355.

diffstat:

 usr.bin/seq/seq.c |  4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diffs (21 lines):

diff -r 9710f6f3573b -r ca1ed8d00827 usr.bin/seq/seq.c
--- a/usr.bin/seq/seq.c Thu May 27 08:30:35 2010 +0000
+++ b/usr.bin/seq/seq.c Thu May 27 08:40:19 2010 +0000
@@ -31,7 +31,7 @@
 #ifndef lint
 __COPYRIGHT("@(#) Copyright (c) 2005\
  The NetBSD Foundation, Inc.  All rights reserved.");
-__RCSID("$NetBSD: seq.c,v 1.6 2010/05/27 08:30:35 dholland Exp $");
+__RCSID("$NetBSD: seq.c,v 1.7 2010/05/27 08:40:19 dholland Exp $");
 #endif /* not lint */
 
 #include <ctype.h>
@@ -162,6 +162,8 @@
                if (!valid_format(fmt))
                        errx(1, "invalid format string: `%s'", fmt);
                fmt = unescape(fmt);
+               if (!valid_format(fmt))
+                       errx(1, "invalid format string");
                /*
                 * XXX to be bug for bug compatible with Plan 9 add a
                 * newline if none found at the end of the format string.