Module Name: src
Committed By: martin
Date: Wed Jun 6 15:13:00 UTC 2018
Modified Files:
src/usr.bin/tr [netbsd-7]: str.c
Log Message:
Pull up following revision(s) (requested by leot in ticket #1609):
usr.bin/tr/str.c: revision 1.30
Do not accept invalid octal character values (>= 0400).
This also avoid possible stack corruption (e.g. previously `tr -s '\400'' or
similars lead to them).
Reviewed and thanks to <pgoyette>!
To generate a diff of this commit:
cvs rdiff -u -r1.29 -r1.29.4.1 src/usr.bin/tr/str.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.bin/tr/str.c
diff -u src/usr.bin/tr/str.c:1.29 src/usr.bin/tr/str.c:1.29.4.1
--- src/usr.bin/tr/str.c:1.29 Sun Aug 11 01:54:35 2013
+++ src/usr.bin/tr/str.c Wed Jun 6 15:13:00 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: str.c,v 1.29 2013/08/11 01:54:35 dholland Exp $ */
+/* $NetBSD: str.c,v 1.29.4.1 2018/06/06 15:13:00 martin Exp $ */
/*-
* Copyright (c) 1991, 1993
@@ -34,7 +34,7 @@
#if 0
static char sccsid[] = "@(#)str.c 8.2 (Berkeley) 4/28/95";
#endif
-__RCSID("$NetBSD: str.c,v 1.29 2013/08/11 01:54:35 dholland Exp $");
+__RCSID("$NetBSD: str.c,v 1.29.4.1 2018/06/06 15:13:00 martin Exp $");
#endif /* not lint */
#include <sys/types.h>
@@ -417,6 +417,8 @@ backslash(STR *s)
}
if (cnt) {
/* We saw digits, so return their value */
+ if (val >= OOBCH)
+ errx(1, "Invalid octal character value");
return val;
}
if (ch == '\0') {
