Re: Bug in sh_backslash_quote function (bash 4.3.33)
From: Chet Ramey
Subject: Re: Bug in sh_backslash_quote function (bash 4.3.33)
Date: Thu, 05 Mar 2015 15:14:00 -0500
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.5.0

On 3/4/15 12:59 PM, Верещагин Алексей wrote:
> Bash Version: 4.3.33
> File: lib/sh/shquote.c
> Function: sh_backslash_quote
> Line: if (backslash_table[c] == 1)
>
> Description
> -----------
> Variable "c" has a signed integer type and may be negative (if "string" is
> not an ASCII-only string). But "c" is used as an index into the
> "backslash_table" array. This causes an out-of-range error and produces
> undefined behavior.
>
> Possible solution
> -----------------
> Cast variable "c" to unsigned char type:
> if (backslash_table[(unsigned char)c] == 1)
Thanks for the report. This is a good fix for the remaining cases where
sh_backslash_quote is called with arbitrary filenames.
Chet
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, ITS, CWRU chet@case.edu http://cnswww.cns.cwru.edu/~chet/
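
The index problem reported in this thread and the effect of the proposed cast, as an added example: this is not bash's source and not code from either poster. The table contents and the names `quote_table`, `index_signed`, `index_fixed` and `demo_backslash_quote` are hypothetical, and the sample filename is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical 256-entry table: 1 = byte gets a backslash (demo subset). */
static char quote_table[256];

static void init_table(void)
{
    const char *meta = " \t\n\\'\"$`&|;()<>*?[]!#~{}";
    for (const char *p = meta; *p; p++)
        quote_table[(unsigned char)*p] = 1;
}

/* Index the unfixed pattern computes where plain char is signed: bytes
   >= 0x80 sign-extend to a negative int. Returned only, never used. */
static int index_signed(unsigned char byte) { return (int)(signed char)byte; }

/* Index after the cast proposed in the report: always within 0..255. */
static int index_fixed(char ch) { return (int)(unsigned char)ch; }

/* Backslash-quote s using the cast; the caller frees the result. */
static char *demo_backslash_quote(const char *s)
{
    char *out = malloc(2 * strlen(s) + 1), *r = out;
    if (out == NULL) return NULL;
    init_table();
    for (; *s; s++) {
        if (quote_table[index_fixed(*s)] == 1)
            *r++ = '\\';
        *r++ = *s;
    }
    *r = '\0';
    return out;
}

int main(void)
{
    /* Constructed filename: UTF-8 bytes D0 A4, then " a$b". */
    char *q = demo_backslash_quote("\xD0\xA4 a$b");
    printf("signed index %d, fixed index %d, quoted: %s\n",
           index_signed(0xD0), index_fixed('\xD0'), q ? q : "(null)");
    free(q);
    return 0;
}
```

Building with `-fsanitize=address,undefined` is one way to catch a table lookup that still uses the uncast value when non-ASCII filenames reach it.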