aboutsummaryrefslogtreecommitdiff
path: root/miscutils
diff options
context:
space:
mode:
authorBrian Foley <bpfoley@google.com>2019-09-05 10:53:21 +0200
committerDenys Vlasenko <vda.linux@googlemail.com>2019-09-05 10:53:21 +0200
commit10509a70ee5c28800d23bf891b4f72603447e364 (patch)
treea6a44ba6e4f4cc71257a6894494c62f827f0d7ce /miscutils
parentb64470be177314e8473fae6c32cab51cacb89fa7 (diff)
downloadbusybox-10509a70ee5c28800d23bf891b4f72603447e364.tar.gz
dc: Parse error & fix out of bounds read in xc_program_printString
function old new delta xc_program_print 712 735 +23 Signed-off-by: Brian Foley <bpfoley@google.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'miscutils')
-rw-r--r--miscutils/bc.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/miscutils/bc.c b/miscutils/bc.c
index 016300ac1..e492f0f50 100644
--- a/miscutils/bc.c
+++ b/miscutils/bc.c
@@ -5456,11 +5456,13 @@ static void xc_program_printString(const char *str)
char *n;
c = *str++;
- n = strchr(esc, c); // note: c can be NUL
- if (!n) {
+ n = strchr(esc, c); // note: if c is NUL, n = \0 at end of esc
+ if (!n || !c) {
// Just print the backslash and following character
bb_putchar('\\');
++G.prog.nchars;
+ // But if we're at the end of the string, stop
+ if (!c) break;
} else {
if (n - esc == 0) // "\n" ?
G.prog.nchars = SIZE_MAX;