Bug in sh_backslash_quote function (bash 4.3.33)

bug-bash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Bug in sh_backslash_quote function (bash 4.3.33)

From:	Верещагин Алексей
Subject:	Bug in sh_backslash_quote function (bash 4.3.33)
Date:	Wed, 04 Mar 2015 20:59:51 +0300

Bash Version: 4.3.33
File: lib/sh/shquote.c
Function: sh_backslash_quote
Line: if (backslash_table[c] == 1)

Description
-----------
Variable "c" has signed integer type and may be negative (if "string" is
not only ASCII characters string). But "c" used as an index in
"backslash_table" array. This causes out of range error and produce
undefined behavior.

Possible solution
-----------------
Cast variable "c" to unsigned char type:
if (backslash_table[(unsigned char)c] == 1)

[Prev in Thread]

Current Thread

[Next in Thread]

Bug in sh_backslash_quote function (bash 4.3.33), Верещагин Алексей <=
- Re: Bug in sh_backslash_quote function (bash 4.3.33), Eric Blake, 2015/03/04
  - Re: Bug in sh_backslash_quote function (bash 4.3.33), Алексей Верещагин, 2015/03/04
- Re: Bug in sh_backslash_quote function (bash 4.3.33), Chet Ramey, 2015/03/05

Prev by Date: Re: Strange file -i
Next by Date: Re: Bug in sh_backslash_quote function (bash 4.3.33)
Previous by thread: Strange file -i
Next by thread: Re: Bug in sh_backslash_quote function (bash 4.3.33)
Index(es):
- Date
- Thread