Module Name: src
Committed By: kamil
Date: Sun Jun 24 01:53:14 UTC 2018
Modified Files:
src/lib/libutil: passwd.c
Log Message:
Prevent underflow buffer read in trim_whitespace() in libutil/passwd.c
If a string is empty or contains only white characters, the algorithm of
removal of white characters at the end of the passed string will read
buffer at index -1 and keep iterating backward.
Detected with MKSANITIZER/ASan when executing passwd(1).
To generate a diff of this commit:
cvs rdiff -u -r1.52 -r1.53 src/lib/libutil/passwd.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/lib/libutil/passwd.c
diff -u src/lib/libutil/passwd.c:1.52 src/lib/libutil/passwd.c:1.53
--- src/lib/libutil/passwd.c:1.52 Mon Jun 25 22:32:47 2012
+++ src/lib/libutil/passwd.c Sun Jun 24 01:53:14 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: passwd.c,v 1.52 2012/06/25 22:32:47 abs Exp $ */
+/* $NetBSD: passwd.c,v 1.53 2018/06/24 01:53:14 kamil Exp $ */
/*
* Copyright (c) 1987, 1993, 1994, 1995
@@ -31,7 +31,7 @@
#include <sys/cdefs.h>
#if defined(LIBC_SCCS) && !defined(lint)
-__RCSID("$NetBSD: passwd.c,v 1.52 2012/06/25 22:32:47 abs Exp $");
+__RCSID("$NetBSD: passwd.c,v 1.53 2018/06/24 01:53:14 kamil Exp $");
#endif /* LIBC_SCCS and not lint */
#include <sys/types.h>
@@ -503,13 +503,21 @@ trim_whitespace(char *line)
_DIAGASSERT(line != NULL);
+ /* Handle empty string */
+ if (*line == '\0')
+ return;
+
/* Remove leading spaces */
p = line;
while (isspace((unsigned char) *p))
p++;
memmove(line, p, strlen(p) + 1);
- /* Remove trailing spaces */
+ /* Handle empty string after removal of whitespace characters */
+ if (*line == '\0')
+ return;
+
+ /* Remove trailing spaces, line must not be empty string here */
p = line + strlen(line) - 1;
while (isspace((unsigned char) *p))
p--;
