Previously, we assumed a backslash character would always be followed by a character to be escaped, and advanced our "start" pointer by two places before the next iteration. However, this assumption breaks if the lonely backslash happens to be the last character in the query string, in which case we would end up pointing beyond the \0 and let the parser wander into the unknown, possibly crashing later.
This commit ensures we detect this corner case and error out gracefully with a message. You can view, comment on, or merge this pull request online at: https://github.com/rpm-software-management/rpm/pull/922 -- Commit Summary -- * Handle incomplete escape seq in queryformat (RhBug:1755230) -- File Changes -- M lib/headerfmt.c (4) M tests/rpmquery.at (15) -- Patch Links -- https://github.com/rpm-software-management/rpm/pull/922.patch https://github.com/rpm-software-management/rpm/pull/922.diff -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/922
_______________________________________________ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
