Hi all,
in certain cases,
fnmatch(pattern, string, flags)
reads beyond the end of pattern. This can be triggered by parameters
like this:
fnmatch(""[A-Z[.", "F", 0);
The corresponding code can be found here:
https://cgit.uclibc-ng.org/cgi/cgit/uclibc-ng.git/tree/libc/misc/fnmatch/fn…
After line 920 is executed, p points to '\0' (the end of the pattern).
Then, in line 923, p is unconditionally increased again and the value
_after_ the end of the pattern is read (to find out if the pattern has
ended).
Suggested fix: Just remove line 920.
Kind regards,
Frank
--
Dr.-Ing. Frank Mehnert, frank.mehnert(a)kernkonzept.com, +49-351-41 883 224
Kernkonzept GmbH. Sitz: Dresden. Amtsgericht Dresden, HRB 31129.
Geschäftsführer: Dr.-Ing. Michael Hohmuth