28.04.2016 03:53, Aaron Miller пишет:
Would previously allow digits larger than the base and didn't check
that
subtracting the difference from 0-9 to lowercase letters for
characters
larger than 9 didn't result in a value lower than 9, which allowed
the
parses: ` = 9, _ = 8, ^ = 7, ] = 6, \ = 5, and [ = 4
Does it cause any real problem (i.e. is it 2.02 material)?
---
Need to move the out-of-base check to *after* the outside [0-9]
handling
or this breaks.
grub-core/kern/misc.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/grub-core/kern/misc.c b/grub-core/kern/misc.c
index 906d2c2..3653d4d 100644
--- a/grub-core/kern/misc.c
+++ b/grub-core/kern/misc.c
@@ -394,9 +394,11 @@ grub_strtoull (const char *str, char **end, int
base)
if (digit > 9)
{
digit += '0' - 'a' + 10;
- if (digit >= (unsigned long) base)
+ if (digit >= (unsigned long) base || digit <= 9)
base comparison becomes redundant here. And this needs comment
explaining digit <= 9 comparison for future reference.