From 10509a70ee5c28800d23bf891b4f72603447e364 Mon Sep 17 00:00:00 2001 From: Brian Foley Date: Thu, 5 Sep 2019 10:53:21 +0200 Subject: dc: Parse error & fix out of bounds read in xc_program_printString function old new delta xc_program_print 712 735 +23 Signed-off-by: Brian Foley Signed-off-by: Denys Vlasenko --- miscutils/bc.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'miscutils') diff --git a/miscutils/bc.c b/miscutils/bc.c index 016300ac1..e492f0f50 100644 --- a/miscutils/bc.c +++ b/miscutils/bc.c @@ -5456,11 +5456,13 @@ static void xc_program_printString(const char *str) char *n; c = *str++; - n = strchr(esc, c); // note: c can be NUL - if (!n) { + n = strchr(esc, c); // note: if c is NUL, n = \0 at end of esc + if (!n || !c) { // Just print the backslash and following character bb_putchar('\\'); ++G.prog.nchars; + // But if we're at the end of the string, stop + if (!c) break; } else { if (n - esc == 0) // "\n" ? G.prog.nchars = SIZE_MAX; -- cgit v1.2.3