diff options
author | Brian Foley <bpfoley@google.com> | 2019-09-05 10:53:21 +0200 |
---|---|---|
committer | Denys Vlasenko <vda.linux@googlemail.com> | 2019-09-05 10:53:21 +0200 |
commit | 10509a70ee5c28800d23bf891b4f72603447e364 (patch) | |
tree | a6a44ba6e4f4cc71257a6894494c62f827f0d7ce /miscutils | |
parent | b64470be177314e8473fae6c32cab51cacb89fa7 (diff) | |
download | busybox-10509a70ee5c28800d23bf891b4f72603447e364.tar.gz |
dc: Parse error & fix out of bounds read in xc_program_printString
function old new delta
xc_program_print 712 735 +23
Signed-off-by: Brian Foley <bpfoley@google.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'miscutils')
-rw-r--r-- | miscutils/bc.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/miscutils/bc.c b/miscutils/bc.c index 016300ac1..e492f0f50 100644 --- a/miscutils/bc.c +++ b/miscutils/bc.c @@ -5456,11 +5456,13 @@ static void xc_program_printString(const char *str) char *n; c = *str++; - n = strchr(esc, c); // note: c can be NUL - if (!n) { + n = strchr(esc, c); // note: if c is NUL, n = \0 at end of esc + if (!n || !c) { // Just print the backslash and following character bb_putchar('\\'); ++G.prog.nchars; + // But if we're at the end of the string, stop + if (!c) break; } else { if (n - esc == 0) // "\n" ? G.prog.nchars = SIZE_MAX; |