[prev in list] [next in list] [prev in thread] [next in thread]
List: busybox
Subject: Re: [PATCH] ash: use-after-free in bash pattern substitution (resubmit)
From: Denys Vlasenko <vda.linux () googlemail ! com>
Date: 2023-05-18 14:50:16
Message-ID: CAK1hOcOAxDgqo+OtXVqQXDVnSY-NrnKP4WWtfLyuHZk49nXc3g () mail ! gmail ! com
[Download RAW message or body]
Applied, thank you.
On Mon, May 15, 2023 at 7:26 AM Karsten Sperling <ksperling@apple.com> wrote:
>
> Hi, just bumping this thread one last time.
>
> Please let me know if there is some contribution guideline I'm not following \
> correctly, or if there is some other reason for not accepting this patch.
> Cheers, Karsten
>
>
> > On 18/04/2023, at 3:24 PM, Karsten Sperling <ksperling@apple.com> wrote:
> >
> > Commit daa66ed6 fixed a number of use-after-free bugs in bash pattern \
> > substitution, however one "unguarded" STPUTC remained, which is fixed here.
> > Signed-off-by: Karsten Sperling <ksperling@apple.com>
> > ---
> > shell/ash.c | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/shell/ash.c b/shell/ash.c
> > index d2c5c5d50..51b627fcc 100644
> > --- a/shell/ash.c
> > +++ b/shell/ash.c
> > @@ -7370,6 +7370,8 @@ subevalvar(char *start, char *str, int strloc,
> > char *restart_detect = stackblock();
> > if (quotes && *loc == '\\') {
> > STPUTC(CTLESC, expdest);
> > + if (stackblock() != restart_detect)
> > + goto restart;
> > len++;
> > }
> > STPUTC(*loc, expdest);
> > -- 2.39.0
> >
>
> _______________________________________________
> busybox mailing list
> busybox@busybox.net
> http://lists.busybox.net/mailman/listinfo/busybox
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic