diff options
author | Andreas Schwab <schwab@suse.de> | 2014-06-18 11:58:45 +0200 |
---|---|---|
committer | Andreas Schwab <schwab@suse.de> | 2014-06-18 14:20:02 +0200 |
commit | b3a9f56ba59c3d8eadd3135a1c25c37a63151450 (patch) | |
tree | 7a579450ac5496123e6bb4ff2e46a41344d29707 | |
parent | 85d89278568b4191da3b2fee589553e90b54ffa5 (diff) | |
download | glibc-b3a9f56ba59c3d8eadd3135a1c25c37a63151450.tar glibc-b3a9f56ba59c3d8eadd3135a1c25c37a63151450.tar.gz glibc-b3a9f56ba59c3d8eadd3135a1c25c37a63151450.tar.bz2 glibc-b3a9f56ba59c3d8eadd3135a1c25c37a63151450.zip |
Don't read past end of pattern in fnmatch (BZ #17062)
-rw-r--r-- | ChangeLog | 8 | ||||
-rw-r--r-- | NEWS | 2 | ||||
-rw-r--r-- | posix/Makefile | 3 | ||||
-rw-r--r-- | posix/fnmatch_loop.c | 13 | ||||
-rw-r--r-- | posix/tst-fnmatch3.c | 30 |
5 files changed, 44 insertions, 12 deletions
@@ -1,3 +1,11 @@ +2014-06-18 Andreas Schwab <schwab@suse.de> + + [BZ #17062] + * posix/fnmatch_loop.c (FCT): Rerrange loop for skipping over rest + of a bracket expr not to run off the end of the string. + * posix/Makefile (tests): Add tst-fnmatch3. + * posix/tst-fnmatch3.c: New file. + 2014-06-18 Joseph Myers <joseph@codesourcery.com> * elf/Makefile ($(objpfx)tst-unused-dep.out): Use $(rtld-prefix). @@ -20,7 +20,7 @@ Version 2.20 16854, 16876, 16877, 16878, 16882, 16885, 16888, 16890, 16912, 16915, 16916, 16917, 16922, 16927, 16928, 16932, 16943, 16958, 16965, 16966, 16967, 16977, 16978, 16984, 16990, 16996, 17009, 17031, 17042, 17048, - 17058. + 17058, 17062. * The minimum Linux kernel version that this version of the GNU C Library can be used with is 2.6.32. diff --git a/posix/Makefile b/posix/Makefile index 14e6ceeaf6..37d6d5fb01 100644 --- a/posix/Makefile +++ b/posix/Makefile @@ -86,7 +86,8 @@ tests := tstgetopt testfnm runtests runptests \ tst-getaddrinfo3 tst-fnmatch2 tst-cpucount tst-cpuset \ bug-getopt1 bug-getopt2 bug-getopt3 bug-getopt4 \ bug-getopt5 tst-getopt_long1 bug-regex34 bug-regex35 \ - tst-pathconf tst-getaddrinfo4 tst-rxspencer-no-utf8 + tst-pathconf tst-getaddrinfo4 tst-rxspencer-no-utf8 \ + tst-fnmatch3 xtests := bug-ga2 ifeq (yes,$(build-shared)) test-srcs := globtest diff --git a/posix/fnmatch_loop.c b/posix/fnmatch_loop.c index f79d051a3a..544769b4f6 100644 --- a/posix/fnmatch_loop.c +++ b/posix/fnmatch_loop.c @@ -899,11 +899,8 @@ FCT (pattern, string, string_end, no_leading_period, flags, ends, alloca_used) matched: /* Skip the rest of the [...] that already matched. */ - do + while ((c = *p++) != L (']')) { - ignore_next: - c = *p++; - if (c == L('\0')) /* [... (unterminated) loses. */ return FNM_NOMATCH; @@ -931,12 +928,11 @@ FCT (pattern, string, string_end, no_leading_period, flags, ends, alloca_used) if (c < L('a') || c >= L('z')) { - p = startp; - goto ignore_next; + p = startp - 2; + break; } } p += 2; - c = *p++; } else if (c == L('[') && *p == L('=')) { @@ -947,7 +943,6 @@ FCT (pattern, string, string_end, no_leading_period, flags, ends, alloca_used) if (c != L('=') || p[1] != L(']')) return FNM_NOMATCH; p += 2; - c = *p++; } else if (c == L('[') && *p == L('.')) { @@ -962,10 +957,8 @@ FCT (pattern, string, string_end, no_leading_period, flags, ends, alloca_used) break; } p += 2; - c = *p++; } } - while (c != L(']')); if (not) return FNM_NOMATCH; } diff --git a/posix/tst-fnmatch3.c b/posix/tst-fnmatch3.c new file mode 100644 index 0000000000..2a83c1bfb7 --- /dev/null +++ b/posix/tst-fnmatch3.c @@ -0,0 +1,30 @@ +/* Test for fnmatch not reading past the end of the pattern. + Copyright (C) 2014 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + <http://www.gnu.org/licenses/>. */ + +#include <fnmatch.h> + +int +do_test (void) +{ + const char *pattern = "[[:alpha:]'[:alpha:]\0]"; + + return fnmatch (pattern, "a", 0) != FNM_NOMATCH; +} + +#define TEST_FUNCTION do_test () +#include "../test-skeleton.c" |