[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bug in sh_backslash_quote function (bash 4.3.33)

From: Chet Ramey
Subject: Re: Bug in sh_backslash_quote function (bash 4.3.33)
Date: Thu, 05 Mar 2015 15:14:00 -0500
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.5.0

On 3/4/15 12:59 PM, Верещагин Алексей wrote:
> Bash Version: 4.3.33
> File: lib/sh/shquote.c
> Function: sh_backslash_quote
> Line: if (backslash_table[c] == 1)
> Description
> -----------
> Variable "c" has signed integer type and may be negative (if "string" is
> not only ASCII characters string). But "c" used as an index in
> "backslash_table" array. This causes out of range error and produce
> undefined behavior.
> Possible solution
> -----------------
> Cast variable "c" to unsigned char type:
> if (backslash_table[(unsigned char)c] == 1)

Thanks for the report.  This is a good fix for the remaining cases where
sh_backslash_quote is called with arbitrary filenames.

``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, ITS, CWRU    address@hidden    http://cnswww.cns.cwru.edu/~chet/

reply via email to

[Prev in Thread] Current Thread [Next in Thread]