projects / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 63018ba)
* glob.c (execbrc): Fix some fencepost errors. Don't copy
authorTom Yu <tlyu@mit.edu>
Sat, 8 Dec 2001 01:57:48 +0000 (01:57 +0000)
committerTom Yu <tlyu@mit.edu>
Sat, 8 Dec 2001 01:57:48 +0000 (01:57 +0000)
uninitialized memory past the end of the pattern string.  Don't
increment pointer beyond string end.
[pullup from 1.2.3]

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14058 dc483132-0cff-0310-8789-dd5450dbe970

src/appl/gssftp/ftp/ChangeLog patch | blob | history
src/appl/gssftp/ftp/glob.c patch | blob | history

diff --git a/src/appl/gssftp/ftp/ChangeLog b/src/appl/gssftp/ftp/ChangeLog
index 330a6beec4034f4db46522d2f6992934944c81e7..fc15245dab196319f53e825d58c6da44197273b4 100644 (file)
--- a/src/appl/gssftp/ftp/ChangeLog
+++ b/src/appl/gssftp/ftp/ChangeLog
@@ -1,3 +1,9 @@
+2001-11-30  Tom Yu  <tlyu@mit.edu>
+
+       * glob.c (execbrc): Fix some fencepost errors.  Don't copy
+       uninitialized memory past the end of the pattern string.  Don't
+       increment pointer beyond string end.
+
 2001-10-10  Danilo Almeida  <dalmeida@mit.edu>
 
        * ftp.c: Conditionalize declarations of some "unused variables" to
diff --git a/src/appl/gssftp/ftp/glob.c b/src/appl/gssftp/ftp/glob.c
index b33de3a8f2b0fab3b8baf7505059b6ec67b54458..272e503056339c6e51216ae9d60dd9bb5e1ffd06 100644 (file)
--- a/src/appl/gssftp/ftp/glob.c
+++ b/src/appl/gssftp/ftp/glob.c
@@ -338,6 +338,7 @@ execbrc(p, s)
 
        for (lm = restbuf; *p != '{'; *lm++ = *p++)
                continue;
+       /* pe starts pointing to one past the first '{'. */
        for (pe = ++p; *pe; pe++)
        switch (*pe) {
 
@@ -354,6 +355,8 @@ execbrc(p, s)
        case '[':
                for (pe++; *pe && *pe != ']'; pe++)
                        continue;
+               if (!*pe)
+                       pe--;
                continue;
        }
 pend:
@@ -366,7 +369,7 @@ pend:
                continue;
 
        case '}':
-               if (brclev) {
+               if (brclev) {   /* brclev = 0 is outermost brace set */
                        brclev--;
                        continue;
                }
@@ -381,7 +384,10 @@ doit:
                *pm = 0;
                (void) strncpy(lm, pl, sizeof(restbuf) - 1 - (lm - restbuf));
                restbuf[sizeof(restbuf) - 1] = '\0';
-               (void) strncat(restbuf, pe + 1, sizeof(restbuf) - 1 - strlen(restbuf));
+               if (*pe) {
+                       (void) strncat(restbuf, pe + 1,
+                                      sizeof(restbuf) - 1 - strlen(restbuf));
+               }
                *pm = savec;
                if (s == 0) {
                        sgpathp = gpathp;
MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.