[PATCH 1/2] hush: do not do anything if string is zero length
Aleksey Kuleshov
rndfax at yandex.ru
Thu Aug 18 01:52:00 PDT 2016
>> diff --git a/common/hush.c b/common/hush.c
>> index d3f7bf3..d8fd64b 100644
>> --- a/common/hush.c
>> +++ b/common/hush.c
>> @@ -1655,6 +1655,9 @@ char *shell_expand(char *str)
>> o_string o = {};
>> char *res, *parsed;
>>
>> + if (strlen(str) == 0)
>> + return xstrdup("");
>> +
>
> Can you explain why this is necessary? What happens with an empty string
> without this patch?
/*
* shell_expand - Expand shell variables in a string.
* @str: The input string containing shell variables like
* $var or ${var}
* Return: The expanded string. Must be freed with free().
*/
If shell_expand should be called _only_ with string containing _at least one_ $var or ${var} then this patch is wrong.
And since shell_expand is called only from menutree.c then it's menutree.c's responsibility to verify the string.
Otherwise:
If you pass zero length string (i.e. shell_expand("")) you will end up with "Segmentation Fault"
because this line:
parse_string(&o, &ctx, str);
will give you o.data = NULL
and then comes this line:
parsed = xmemdup(o.data, o.length + 1);
PS. And if you will not fill 'title' file for menu with some data you will get "Segmentation Fault".
More information about the barebox
mailing list