25 Oct
2023
25 Oct
'23
2:22 p.m.
Hi all,
in certain cases,
fnmatch(pattern, string, flags)
reads beyond the end of pattern. This can be triggered by parameters
like this:
fnmatch(""[A-Z[.", "F", 0);
The corresponding code can be found here:
https://cgit.uclibc-ng.org/cgi/cgit/uclibc-ng.git/tree/libc/misc/fnmatch/fn…
After line 920 is executed, p points to '\0' (the end of the pattern).
Then, in line 923, p is unconditionally increased again and the value
_after_ the end of the pattern is read (to find out if the pattern has
ended).
Suggested fix: Just remove line 920.
Kind regards,
Frank
--
Dr.-Ing. Frank Mehnert, frank.mehnert(a)kernkonzept.com, +49-351-41 883 224
Kernkonzept GmbH. Sitz: Dresden. Amtsgericht Dresden, HRB 31129.
Geschäftsführer: Dr.-Ing. Michael Hohmuth
6 Nov
6 Nov
9:34 a.m.
Hi Frank,
is it possible for you to sent a git format-patch -s with a good
description to the problem?
best regards
Waldemar
Frank Mehnert wrote,
Hi all,
in certain cases,
fnmatch(pattern, string, flags)
reads beyond the end of pattern. This can be triggered by parameters
like this:
fnmatch(""[A-Z[.", "F", 0);
The corresponding code can be found here:
https://cgit.uclibc-ng.org/cgi/cgit/uclibc-ng.git/tree/libc/misc/fnmatch/fn…
After line 920 is executed, p points to '\0' (the end of the pattern).
Then, in line 923, p is unconditionally increased again and the value
_after_ the end of the pattern is read (to find out if the pattern has
ended).
Suggested fix: Just remove line 920.
Kind regards,
Frank
--
Dr.-Ing. Frank Mehnert, frank.mehnert(a)kernkonzept.com, +49-351-41 883 224
Kernkonzept GmbH. Sitz: Dresden. Amtsgericht Dresden, HRB 31129.
Geschäftsführer: Dr.-Ing. Michael Hohmuth
_______________________________________________
devel mailing list -- devel(a)uclibc-ng.org
To unsubscribe send an email to devel-leave(a)uclibc-ng.org
385
days inactive
397
days old
1 comments
2 participants
participants (2)
-
Frank Mehnert -
Waldemar Brodkorb