Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

PATCH: utils.c: Fix use of uninitialized memory in metafy().

X-seq: zsh-workers 32059
From: Simon Ruderich <simon@xxxxxxxxxxxx>
To: zsh-workers@xxxxxxx
Subject: PATCH: utils.c: Fix use of uninitialized memory in metafy().
Date: Wed, 27 Nov 2013 18:45:16 +0100
List-help: <mailto:zsh-workers-help@zsh.org>
List-id: Zsh Workers List <zsh-workers.zsh.org>
List-post: <mailto:zsh-workers@zsh.org>
Mailing-list: contact zsh-workers-help@xxxxxxx; run by ezmlm

---
Hello,

While running the tests with valgrind I noticed an use of
uninitialized memory in metafy().

The following patch should fix it, but I don't know the details
of this code, so please check it before applying the patch.

The problem is the *e != '\0' in the next if, once e == buf +
len, *e points after buf.

Regards,
Simon

 Src/utils.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/Src/utils.c b/Src/utils.c
index 0db9c30..eb71aab 100644
--- a/Src/utils.c
+++ b/Src/utils.c
@@ -3980,10 +3980,14 @@ metafy(char *buf, int len, int heap)
 	for (e = buf, len = 0; *e; len++)
 	    if (imeta(*e++))
 		meta++;
-    } else
+    } else {
 	for (e = buf; e < buf + len;)
 	    if (imeta(*e++))
 		meta++;
+	/* go to last byte of buf */
+	if (len > 0)
+	    e--;
+    }
 
     if (meta || heap == META_DUP || heap == META_HEAPDUP || *e != '\0') {
 	switch (heap) {
-- 
1.8.4.4.12.gcc59366.dirty

-- 
+ privacy is necessary
+ using gnupg http://gnupg.org
+ public key id: 0x92FEFDB7E44C32F9

Attachment: signature.asc
Description: Digital signature

Follow-Ups:
- Re: PATCH: utils.c: Fix use of uninitialized memory in metafy().
  - From: Peter Stephenson

Messages sorted by: Reverse Date, Date, Thread, Author