
[gawk-diffs] [SCM] gawk branch, feature/stringfix, updated. gawk-4.1.0-2


From: Andrew J. Schorr
Subject: [gawk-diffs] [SCM] gawk branch, feature/stringfix, updated. gawk-4.1.0-2418-ge1bfc3a
Date: Fri, 27 Jan 2017 01:17:59 +0000 (UTC)

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "gawk".

The branch, feature/stringfix has been updated
       via  e1bfc3a49d45024f84f489ac6a7ebcd505ec203a (commit)
      from  820db14f26ad8d203f6c3de6b51ff7bc2ec3476f (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://git.sv.gnu.org/cgit/gawk.git/commit/?id=e1bfc3a49d45024f84f489ac6a7ebcd505ec203a

commit e1bfc3a49d45024f84f489ac6a7ebcd505ec203a
Author: Andrew J. Schorr <address@hidden>
Date:   Thu Jan 26 20:17:22 2017 -0500

    Fix possible string overrun in strtonum function.

diff --git a/ChangeLog b/ChangeLog
index 6bc1b33..eaecc5c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,18 @@
 2017-01-26         Andrew J. Schorr     <address@hidden>
 
+       * awk.h (get_numbase): Add string length argument so we can operate
+       on unterminated strings.
+       * awkgram.y: Call get_numbase with string length, and fix off-by-one
+       error in length passed to nondec2awknum: should be strlen(tokstart)-1
+       based on surrounding code.
+       * builtin.c (do_strtonum): Pass string length to get_numbase.
+       (nondec2awknum): Check string length before accessing characters.
+       * mpfr.c (force_mpnum): Pass string length to get_numbase.
+       * node.c (r_force_number): Pass string length to get_numbase.
+       (get_numbase): Add string length argument and honor it.
+
+2017-01-26         Andrew J. Schorr     <address@hidden>
+
        * builtin.c (do_strftime): If format argument is passed, we need
        to terminate it in case it's a field variable.
 
diff --git a/awk.h b/awk.h
index 199aba3..9a5c94a 100644
--- a/awk.h
+++ b/awk.h
@@ -1679,7 +1679,7 @@ extern Regexp *re_update(NODE *t);
 extern void resyntax(int syntax);
 extern void resetup(void);
 extern int reisstring(const char *text, size_t len, Regexp *re, const char 
*buf);
-extern int get_numbase(const char *str, bool use_locale);
+extern int get_numbase(const char *str, size_t len, bool use_locale);
 extern bool using_utf8(void);
 
 /* symbol.c */
diff --git a/awkgram.c b/awkgram.c
index c6f47db..f5fa6b2 100644
--- a/awkgram.c
+++ b/awkgram.c
@@ -6414,7 +6414,7 @@ retry:
 
                base = 10;
                if (! do_traditional) {
-                       base = get_numbase(tokstart, false);
+                       base = get_numbase(tokstart, strlen(tokstart)-1, false);
                        if (do_lint) {
                                if (base == 8)
                                        lintwarn("numeric constant `%.*s' 
treated as octal",
@@ -6450,7 +6450,7 @@ retry:
                }
 #endif
                if (base != 10)
-                       d = nondec2awknum(tokstart, strlen(tokstart), NULL);
+                       d = nondec2awknum(tokstart, strlen(tokstart)-1, NULL);
                else
                        d = atof(tokstart);
                yylval->memory = make_profile_number(d, tokstart, 
strlen(tokstart) - 1);
diff --git a/awkgram.y b/awkgram.y
index 8027881..345816d 100644
--- a/awkgram.y
+++ b/awkgram.y
@@ -3994,7 +3994,7 @@ retry:
 
                base = 10;
                if (! do_traditional) {
-                       base = get_numbase(tokstart, false);
+                       base = get_numbase(tokstart, strlen(tokstart)-1, false);
                        if (do_lint) {
                                if (base == 8)
                                        lintwarn("numeric constant `%.*s' 
treated as octal",
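Review bot: `strlen(tokstart)-1` is evaluated in `size_t`, so an empty token buffer would wrap to `SIZE_MAX` and the new length bound in get_numbase would stop bounding anything. The lexer presumably guarantees at least one byte in tokstart (the make_profile_number context line in the next hunk uses the same expression), but nothing visible here states that. I would compute the value once, `size_t toklen = strlen(tokstart) - 1;`, with a comment naming the trailing byte being excluded, and reuse `toklen` in the nondec2awknum call in the next hunk. The same applies to the generated awkgram.c; the enclosing function starts and ends outside the hunk.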
@@ -4030,7 +4030,7 @@ retry:
                }
 #endif
                if (base != 10)
-                       d = nondec2awknum(tokstart, strlen(tokstart), NULL);
+                       d = nondec2awknum(tokstart, strlen(tokstart)-1, NULL);
                else
                        d = atof(tokstart);
                yylval->memory = make_profile_number(d, tokstart, 
strlen(tokstart) - 1);
diff --git a/builtin.c b/builtin.c
index 0c6cbc0..32062d0 100644
--- a/builtin.c
+++ b/builtin.c
@@ -3558,7 +3558,7 @@ do_strtonum(int nargs)
        tmp = fixtype(POP_SCALAR());
        if ((tmp->flags & NUMBER) != 0)
                d = (AWKNUM) tmp->numbr;
-       else if (get_numbase(tmp->stptr, use_lc_numeric) != 10)
+       else if (get_numbase(tmp->stptr, tmp->stlen, use_lc_numeric) != 10)
                d = nondec2awknum(tmp->stptr, tmp->stlen, NULL);
        else
                d = (AWKNUM) force_number(tmp)->numbr;
@@ -3583,7 +3583,7 @@ nondec2awknum(char *str, size_t len, char **endptr)
        short val;
        char *start = str;
 
-       if (*str == '0' && (str[1] == 'x' || str[1] == 'X')) {
+       if (len >= 2 && *str == '0' && (str[1] == 'x' || str[1] == 'X')) {
                /*
                 * User called strtonum("0x") or some such,
                 * so just quit early.
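Review bot: The new `len >= 2` guard here and the `len >= 1` guard in the next hunk bound the reads of `str[0]` and `str[1]`, but the function's contract on `len` is still undocumented. The comment in r_force_number (node.c) says nondec2awknum saves and restores the byte after the string, so callers must keep `str[len]` addressable and writable even when the string is not terminated. I would state that above the function, e.g. `/* reads at most len bytes of str; str[len] must be writable (it is saved and restored) */`. With `len == 0` control now falls through to the last branch of the chain, which lies outside both hunks and should be checked for the same assumption.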
@@ -3633,7 +3633,7 @@ nondec2awknum(char *str, size_t len, char **endptr)
                }
                if (endptr)
                        *endptr = str;
-       } else if (*str == '0') {
+       } else if (len >= 1 && *str == '0') {
                for (; len > 0; len--) {
                        if (! isdigit((unsigned char) *str)) {
                                if (endptr)
diff --git a/mpfr.c b/mpfr.c
index 8a5e9a6..ec8d556 100644
--- a/mpfr.c
+++ b/mpfr.c
@@ -303,7 +303,7 @@ force_mpnum(NODE *n, int do_nondec, int use_locale)
                cp1 = cp;
 
        if (do_nondec)
-               base = get_numbase(cp1, use_locale);
+               base = get_numbase(cp1, cpend - cp1, use_locale);
 
        if (! mpg_maybe_float(cp1, use_locale)) {
                mpg_zero(n);
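Review bot: `mpg_maybe_float(cp1, use_locale)` two lines below the changed call still receives only the pointer, so if cp1 can point into an unterminated string (the case this commit addresses for get_numbase), that scan is not bounded by cpend. force_mpnum may terminate the buffer earlier, outside the hunk; if it does not, mpg_maybe_float needs a length argument as well. Separately, `cpend - cp1` is a pointer difference converted to `size_t`, so a short comment or assertion that `cp1 <= cpend` holds at this point would make the bound easier to trust.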
diff --git a/node.c b/node.c
index 6300bd4..abeadc3 100644
--- a/node.c
+++ b/node.c
@@ -129,7 +129,7 @@ r_force_number(NODE *n)
 
        errno = 0;
        if (do_non_decimal_data         /* main.c assures false if do_posix */
-               && ! do_traditional && get_numbase(cp, true) != 10) {
+               && ! do_traditional && get_numbase(cp, cpend - cp, true) != 10) 
{
                /* nondec2awknum() saves and restores the byte after the string 
itself */
                n->numbr = nondec2awknum(cp, cpend - cp, &ptr);
        } else {
@@ -631,7 +631,7 @@ parse_escape(const char **string_ptr)
 /* get_numbase --- return the base to use for the number in 's' */
 
 int
-get_numbase(const char *s, bool use_locale)
+get_numbase(const char *s, size_t len, bool use_locale)
 {
        int dec_point = '.';
        const char *str = s;
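Review bot: The header comment above get_numbase still reads `return the base to use for the number in 's'` and does not mention the new `len` parameter. I would change it to `/* get_numbase --- return the base to use for the number in the first 'len' bytes of 's' (need not be NUL-terminated) */`. It is also worth recording there that the digit loop in the last hunk no longer stops at a NUL byte, so an embedded NUL within `len` now goes through the non-digit branch, whose body is outside the hunk.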
@@ -645,7 +645,7 @@ get_numbase(const char *s, bool use_locale)
                dec_point = loc.decimal_point[0];       /* XXX --- assumes one 
char */
 #endif
 
-       if (str[0] != '0')
+       if (len < 2 || str[0] != '0')
                return 10;
 
        /* leading 0x or 0X */
@@ -658,7 +658,7 @@ get_numbase(const char *s, bool use_locale)
         *
         * These beasts can have trailing whitespace. Deal with that too.
         */
-       for (; *str != '\0'; str++) {
+       for (; len > 0; len--, str++) {
                if (*str == 'e' || *str == 'E' || *str == dec_point)
                        return 10;
                else if (! isdigit((unsigned char) *str))

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog |   13 +++++++++++++
 awk.h     |    2 +-
 awkgram.c |    4 ++--
 awkgram.y |    4 ++--
 builtin.c |    6 +++---
 mpfr.c    |    2 +-
 node.c    |    8 ++++----
 7 files changed, 26 insertions(+), 13 deletions(-)


hooks/post-receive
-- 
gawk


