From 10509a70ee5c28800d23bf891b4f72603447e364 Mon Sep 17 00:00:00 2001 From: Brian Foley Date: Thu, 5 Sep 2019 10:53:21 +0200 Subject: dc: Parse error & fix out of bounds read in xc_program_printString function old new delta xc_program_print 712 735 +23 Signed-off-by: Brian Foley Signed-off-by: Denys Vlasenko --- miscutils/bc.c | 6 ++++-- testsuite/dc.tests | 20 ++++++++++++++++++++ 2 files changed, 24 insertions(+), 2 deletions(-) diff --git a/miscutils/bc.c b/miscutils/bc.c index 016300ac1..e492f0f50 100644 --- a/miscutils/bc.c +++ b/miscutils/bc.c @@ -5456,11 +5456,13 @@ static void xc_program_printString(const char *str) char *n; c = *str++; - n = strchr(esc, c); // note: c can be NUL - if (!n) { + n = strchr(esc, c); // note: if c is NUL, n = \0 at end of esc + if (!n || !c) { // Just print the backslash and following character bb_putchar('\\'); ++G.prog.nchars; + // But if we're at the end of the string, stop + if (!c) break; } else { if (n - esc == 0) // "\n" ? G.prog.nchars = SIZE_MAX; diff --git a/testsuite/dc.tests b/testsuite/dc.tests index 1fc13c201..361bc8459 100755 --- a/testsuite/dc.tests +++ b/testsuite/dc.tests @@ -59,6 +59,26 @@ testing "dc: x should work with strings created from a" \ "42\n" \ "" "" +testing "dc: p should print invalid escapes" \ + "dc -e '[\q] p'" \ + "\\q\n" \ + "" "" + +testing "dc: p should print trailing backslashes" \ + "dc -e '[q\] p'" \ + "q\\\\\n" \ + "" "" + +testing "dc: p should parse/print single backslashes" \ + "dc -e '[\] p'" \ + "\\\\\n" \ + "" "" + +testing "dc: p should print single backslash strings" \ + "dc -e '92 a p'" \ + "\\\\\n" \ + "" "" + testing "dc read" \ "dc -finput" \ "2\n9\n1\n" \ -- cgit v1.2.3