From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 037CE158041 for ; Fri, 29 Mar 2024 11:22:59 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 440C5E2A42; Fri, 29 Mar 2024 11:22:58 +0000 (UTC) Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 25567E2A42 for ; Fri, 29 Mar 2024 11:22:58 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 5C8C9343067 for ; Fri, 29 Mar 2024 11:22:57 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id C017CBEB for ; Fri, 29 Mar 2024 11:22:55 +0000 (UTC) From: "Fabian Groffen" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Fabian Groffen" Message-ID: <1711711192.cc4de0decf915ee76fcbf4420f15e68e6d10a17a.grobian@gentoo> Subject: [gentoo-commits] proj/portage-utils:master commit in: / X-VCS-Repository: proj/portage-utils X-VCS-Files: qmanifest.c X-VCS-Directories: / X-VCS-Committer: grobian X-VCS-Committer-Name: Fabian Groffen X-VCS-Revision: cc4de0decf915ee76fcbf4420f15e68e6d10a17a X-VCS-Branch: master Date: Fri, 29 Mar 2024 11:22:55 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: c589ddc2-f7ad-48c3-89d3-d31e69e58458 X-Archives-Hash: 0725f9dc6947681494b8d40d1a7f0f1f commit: cc4de0decf915ee76fcbf4420f15e68e6d10a17a Author: Fabian Groffen gentoo org> AuthorDate: Fri Mar 29 11:19:52 2024 +0000 Commit: Fabian Groffen gentoo org> CommitDate: Fri Mar 29 11:19:52 2024 +0000 URL: https://gitweb.gentoo.org/proj/portage-utils.git/commit/?id=cc4de0de qmanifest: avoid out of bounds access in append_list macro Empty strings, or those being just whitespace were not handled correctly. Thanks bstaletic in PR #19 for pointing this out. Avoid running under the original string pointer and skip any checks for strings that are too short to match anything in particular. This sweeps an edgecase of just a single whitespace char under the carpet -- which is just about fine, for it needs not to be handled for any legitimate case. Signed-off-by: Fabian Groffen gentoo.org> qmanifest.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/qmanifest.c b/qmanifest.c index 2bb0f11..5246fc4 100644 --- a/qmanifest.c +++ b/qmanifest.c @@ -1421,13 +1421,15 @@ verify_manifest( #define append_list(STR) \ if (strncmp(STR, "TIMESTAMP ", 10) != 0 || strncmp(STR, "DIST ", 5) != 0) {\ char *endp = STR + strlen(STR) - 1;\ - while (isspace(*endp))\ + while (endp > STR && isspace(*endp))\ *endp-- = '\0';\ if (elemslen == elemssize) {\ elemssize += LISTSZ;\ elems = xrealloc(elems, elemssize * sizeof(elems[0]));\ }\ - if (strncmp(STR, "IGNORE ", 7) == 0) {\ + if (endp - STR < 4) {\ + /* avoid doing comparisons, none will match */\ + } else if (strncmp(STR, "IGNORE ", 7) == 0) {\ STR[5] = 'I';\ elems[elemslen] = xstrdup(STR + 5);\ elemslen++;\