From b8f9cab1ad3166d316d11661d6d8b1f94aaca1d4 Mon Sep 17 00:00:00 2001 From: tijl Date: Mon, 13 Feb 2012 10:24:22 +0000 Subject: [PATCH] MFC r228636: Correct a logic error in usr.bin/hexdump/conv.c, found by clang. Whenever the conv_c() function encounters an incomplete multibyte char, it peeks ahead. It also sets p to peekbuf, to indicate it is still processing the incomplete character. However, on the next retry, it compares buf against peekbuf, which always returns false, since both buf and peekbuf are local char arrays, whose addresses are never the same. Fix this by comparing against p instead, which was the intention. Also turn peekbuf into an array of u_char, to prevent conversion warnings. MFC r229794: - Fix how hexdump parses escape strings From the NetBSD bug: The way how hexdump(1) parses escape sequences has some bugs. It shows up when an escape sequence is used as the non-last character of a format string. MFC r230649: Fix decoding of escape sequences in format strings: - Zero-terminate the resulting string by letting the for-loop copy the terminating zero. - Exit the for-loop after handling a backslash at the end of the format string to fix a buffer overrun. - Remove some unnecessary comments and blank lines. PR: bin/144722 git-svn-id: svn://svn.freebsd.org/base/stable/8@231577 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f --- usr.bin/hexdump/conv.c | 4 ++-- usr.bin/hexdump/parse.c | 24 ++++++++++++++++-------- 2 files changed, 18 insertions(+), 10 deletions(-) diff --git a/usr.bin/hexdump/conv.c b/usr.bin/hexdump/conv.c index 96dc2d64c..ae4ea8833 100644 --- a/usr.bin/hexdump/conv.c +++ b/usr.bin/hexdump/conv.c @@ -57,7 +57,7 @@ conv_c(PR *pr, u_char *p, size_t bufsize) wchar_t wc; size_t clen, oclen; int converr, pad, width; - char peekbuf[MB_LEN_MAX]; + u_char peekbuf[MB_LEN_MAX]; if (pr->mbleft > 0) { str = "**"; @@ -107,7 +107,7 @@ retry: if (clen == 0) clen = 1; else if (clen == (size_t)-1 || (clen == (size_t)-2 && - buf == peekbuf)) { + p == peekbuf)) { memset(&pr->mbstate, 0, sizeof(pr->mbstate)); wc = *p; clen = 1; diff --git a/usr.bin/hexdump/parse.c b/usr.bin/hexdump/parse.c index 07ad63d0f..5354675ad 100644 --- a/usr.bin/hexdump/parse.c +++ b/usr.bin/hexdump/parse.c @@ -259,7 +259,9 @@ rewrite(FS *fs) sokay = NOTOKAY; } - p2 = p1 + 1; /* Set end pointer. */ + p2 = *p1 ? p1 + 1 : p1; /* Set end pointer -- make sure + * that it's non-NUL/-NULL first + * though. */ cs[0] = *p1; /* Set conversion string. */ cs[1] = '\0'; @@ -453,13 +455,14 @@ escape(char *p1) char *p2; /* alphabetic escape sequences have to be done in place */ - for (p2 = p1;; ++p1, ++p2) { - if (!*p1) { - *p2 = *p1; - break; - } - if (*p1 == '\\') - switch(*++p1) { + for (p2 = p1;; p1++, p2++) { + if (*p1 == '\\') { + p1++; + switch(*p1) { + case '\0': + *p2 = '\\'; + *++p2 = '\0'; + return; case 'a': /* *p2 = '\a'; */ *p2 = '\007'; @@ -486,6 +489,11 @@ escape(char *p1) *p2 = *p1; break; } + } else { + *p2 = *p1; + if (*p1 == '\0') + return; + } } } -- 2.45.0