commit: cc4de0decf915ee76fcbf4420f15e68e6d10a17a
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Fri Mar 29 11:19:52 2024 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Fri Mar 29 11:19:52 2024 +0000
URL: https://gitweb.gentoo.org/proj/portage-utils.git/commit/?id=cc4de0de
qmanifest: avoid out of bounds access in append_list macro
Empty strings, or those being just whitespace were not handled
correctly. Thanks bstaletic in PR #19 for pointing this out. Avoid
running under the original string pointer and skip any checks for
strings that are too short to match anything in particular. This sweeps
an edgecase of just a single whitespace char under the carpet -- which
is just about fine, for it needs not to be handled for any legitimate
case.
Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org>
qmanifest.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/qmanifest.c b/qmanifest.c
index 2bb0f11..5246fc4 100644
--- a/qmanifest.c
+++ b/qmanifest.c
@@ -1421,13 +1421,15 @@ verify_manifest(
#define append_list(STR) \
if (strncmp(STR, "TIMESTAMP ", 10) != 0 || strncmp(STR, "DIST ", 5) !=
0) {\
char *endp = STR + strlen(STR) - 1;\
- while (isspace(*endp))\
+ while (endp > STR && isspace(*endp))\
*endp-- = '\0';\
if (elemslen == elemssize) {\
elemssize += LISTSZ;\
elems = xrealloc(elems, elemssize * sizeof(elems[0]));\
}\
- if (strncmp(STR, "IGNORE ", 7) == 0) {\
+ if (endp - STR < 4) {\
+ /* avoid doing comparisons, none will match */\
+ } else if (strncmp(STR, "IGNORE ", 7) == 0) {\
STR[5] = 'I';\
elems[elemslen] = xstrdup(STR + 5);\
elemslen++;\
