pr -e, with a mix of backspaces and TABs, could corrupt the heap in multibyte locales (analyzed by J.Koncicky)

2013-08-15 13:26:11 +02:00 · 2013-08-15 13:26:11 +02:00 · 32c6651930
parent 0dcc5a0d5e
commit 32c6651930
2 changed files with 17 additions and 3 deletions
--- a/coreutils-i18n.patch
+++ b/coreutils-i18n.patch
@ -2263,7 +2263,7 @@ diff -urNp coreutils-8.21-orig/src/pr.c coreutils-8.21/src/pr.c
     {
       width = TAB_WIDTH (chars_per_c, input_position);
 
-@@ -2724,6 +2930,154 @@ char_to_clump (char c)
+@@ -2724,6 +2930,164 @@ char_to_clump (char c)
   return chars;
 }
 
@ -2410,7 +2410,17 @@ diff -urNp coreutils-8.21-orig/src/pr.c coreutils-8.21/src/pr.c
 +      mbc_pos -= mblength;
 +    }
 +
-+  input_position += width;
+  /* Too many backspaces must put us in position 0 -- never negative. */
+  if (width < 0 && input_position == 0)
+    {
+      chars = 0;
+      input_position = 0;
+    }
+  else if (width < 0 && input_position <= -width)
+    input_position = 0;
+  else
+   input_position += width;
+
 +  return chars;
 +}
 +#endif
--- a/coreutils.spec
+++ b/coreutils.spec
@ -1,7 +1,7 @@
 Summary: A set of basic GNU tools commonly used in shell scripts
 Name:    coreutils
 Version: 8.21
-Release: 17%{?dist}
+Release: 18%{?dist}
 License: GPLv3+
 Group:   System Environment/Base
 Url:     http://www.gnu.org/software/coreutils/
@ -375,6 +375,10 @@ fi
 %{_sbindir}/chroot

 %changelog
+* Thu Aug 15 2013 Ondrej Vasik <ovasik@redhat.com> 8.21-18
+- pr -e, with a mix of backspaces and TABs, could corrupt the heap
+  in multibyte locales (analyzed by J.Koncicky)
+
 * Wed Aug 14 2013 Ondrej Oprala <ooprala@redhat.com> 8.21-17
 - Fix sort multibyte incompatibilities