From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 106309 invoked by alias); 19 Aug 2015 09:23:35 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Received: (qmail 106133 invoked by uid 89); 19 Aug 2015 09:23:35 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-0.7 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,SPF_NEUTRAL autolearn=no version=3.3.2 X-HELO: popelka.ms.mff.cuni.cz Date: Wed, 19 Aug 2015 09:23:00 -0000 From: =?utf-8?B?T25kxZllaiBCw61sa2E=?= To: libc-alpha@sourceware.org Subject: [ping^2][PATCH][BZ #18096] Handle null dereferences in wordexp Message-ID: <20150819092323.GA19696@domone> References: <20150712074917.GA6245@domone> <20150812122216.GA25881@domone> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20150812122216.GA25881@domone> User-Agent: Mutt/1.5.20 (2009-06-14) X-SW-Source: 2015-08/txt/msg00808.txt.bz2 ping On Wed, Aug 12, 2015 at 02:22:16PM +0200, Ondřej Bílka wrote: > ping > On Sun, Jul 12, 2015 at 09:49:17AM +0200, Ondřej Bílka wrote: > > Hi, > > > > Kostya, and Carlos wrote this patch on bugzilla but I didn't seen it on > > libc-alpha. > > > > These look good for me. Carlos, could you commit it? > > > > > > diff --git a/posix/wordexp.c b/posix/wordexp.c > > index e711d43..d3f3764 100644 > > --- a/posix/wordexp.c > > +++ b/posix/wordexp.c > > @@ -740,7 +740,7 @@ parse_arith (char **word, size_t *word_length, size_t *max_length, > > ++(*offset); > > > > /* Go - evaluate. */ > > - if (*expr && eval_expr (expr, &numresult) != 0) > > + if (expr && *expr && eval_expr (expr, &numresult) != 0) > > { > > free (expr); > > return WRDE_SYNTAX; > > @@ -778,7 +778,7 @@ parse_arith (char **word, size_t *word_length, size_t *max_length, > > long int numresult = 0; > > > > /* Go - evaluate. */ > > - if (*expr && eval_expr (expr, &numresult) != 0) > > + if (expr && *expr && eval_expr (expr, &numresult) != 0) > > { > > free (expr); > > return WRDE_SYNTAX; > > @@ -1843,11 +1843,11 @@ envsubst: > > if (!colon_seen && value) > > /* Substitute NULL */ > > ; > > - else > > + else if (flags & WRDE_SHOWERR) > > { > > const char *str = pattern; > > > > - if (str[0] == '\0') > > + if (str && str[0] == '\0') > > str = _("parameter null or not set"); > > > > __fxprintf (NULL, "%s: %s\n", env, str); -- paradigm shift...without a clutch