[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
decode_prompt_string () bug in octal expansion
|
From: |
ralph |
|
Subject: |
decode_prompt_string () bug in octal expansion |
|
Date: |
Fri, 22 Dec 2000 04:53:10 +0100 (CET) |
Configuration Information [Automatically generated, do not change]:
Machine: i586
OS: linux-gnu
Compiler: gcc
Compilation CFLAGS: -DPROGRAM='bash' -DCONF_HOSTTYPE='i586'
-DCONF_OSTYPE='linux-gnu' -DCONF_MACHTYPE='i586-pc-linux-gnu'
-DCONF_VENDOR='pc' -DSHELL -DHAVE_CONFIG_H -D_FILE_OFFSET_BITS=64 -I. -I.
-I./include -I./lib -I/opt/shells/bash/include -g -O2
uname output: Linux alesaismaphia.myip.org 2.4.0-test12 #6 Thu Dec 21 21:50:42
CET 2000 i586 unknown
Machine Type: i586-pc-linux-gnu
Bash Version: 2.04
Patch Level: 0
Release Status: release
Description:
in decode_prompt_string () (file parse.y line 3005) when expanding
octal sequences, you assume
> string += 3;
if the octal sequence isn't 3 bytes long and the octal is at the end
of *string, the end of *string ('\0') is skipped, so the prompt will
be broken (heap inspection)
Repeat-By:
export PS1=\\0
export PS2=\\12
# any \\octal_numer_with_less_than_3_digits
Fix:
instead of
> string +=3;
i use
{
int i=0;
for (; (*string>='0') && (*string <='7') && i<=2; i++)
string++;
}
i check for the lenght of the octal sequence in the next 3 bytes, so i
dont't break \0000000.
please reply at <alphanum@libero.it>, otherwise because the dyndns
when i'm offline points to someone else your reply may not arrive
to me.
ralph karamanzov -- maphiasoft associated
- decode_prompt_string () bug in octal expansion,
ralph <=