librc: Use proper string length in file_regex.

Currently the code uses the total size of the buffer as the bounds for
looping over \0 separated fields, which leads to reading uninitialized data
and possibly overrunning the buffer during regexec.

Observed on musl while matching /proc/cpuinfo.
Anna (navi) Figueiredo Gomes 2024-09-18 01:54:34 +02:00 committed by William Hubbs
parent 8cafbb76bc
commit 171ba6d836
1 changed files with 2 additions and 2 deletions


@ -175,7 +175,7 @@ file_regex(const char *file, const char *regex)
{ {
FILE *fp; FILE *fp;
char *line = NULL; char *line = NULL;
size_t len = 0; size_t size = 0, len = 0;
regex_t re; regex_t re;
bool retval = true; bool retval = true;
int result; int result;
@ -192,7 +192,7 @@ file_regex(const char *file, const char *regex)
return false; return false;
} }
while ((rc_getline(&line, &len, fp))) { while ((len = rc_getline(&line, &size, fp))) {
char *str = line; char *str = line;
/* some /proc files have \0 separated content so we have to /* some /proc files have \0 separated content so we have to
loop through the 'line' */ loop through the 'line' */
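Review bot: The new loop condition `while ((len = rc_getline(&line, &size, fp)))` stores the return value in a `size_t` and then uses it as the scan bound, so its safety depends on rc_getline's contract, which is not visible in this hunk. If rc_getline returns a signed type and can report failure as a negative value, that value would convert to a very large `len` and the \0-field loop would run far past the data. It is worth confirming that it returns 0 on EOF or error, and that its count covers bytes after an embedded \0 rather than stopping at the first one. A short comment at the declaration would keep the two variables from being confused again, e.g. `/* size: allocated capacity of line; len: bytes actually read into it */`. The body of file_regex continues outside the hunk, so the loop that consumes `len` could not be checked here.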