diff mbox

Don't read past end of pattern in fnmatch (BZ #17062)

Message ID mvmd2e6zfgz.fsf@hawking.suse.de
State Committed
Headers

Commit Message

Andreas Schwab June 18, 2014, 10:20 a.m. UTC 
  [BZ #17062]
	* posix/fnmatch_loop.c (FCT): Rerrange loop for skipping over rest
	of a bracket expr not to run off the end of the string.
	* posix/Makefile (tests): Add tst-fnmatch3.
	* posix/tst-fnmatch3.c: New file.
---
 posix/Makefile       |  3 ++-
 posix/fnmatch_loop.c | 13 +++----------
 posix/tst-fnmatch3.c | 30 ++++++++++++++++++++++++++++++
 3 files changed, 35 insertions(+), 11 deletions(-)
 create mode 100644 posix/tst-fnmatch3.c

Comments

Siddhesh Poyarekar June 18, 2014, 10:41 a.m. UTC | #1 
On Wed, Jun 18, 2014 at 12:20:28PM +0200, Andreas Schwab wrote:
> 	[BZ #17062]
> 	* posix/fnmatch_loop.c (FCT): Rerrange loop for skipping over rest
> 	of a bracket expr not to run off the end of the string.
> 	* posix/Makefile (tests): Add tst-fnmatch3.
> 	* posix/tst-fnmatch3.c: New file.

Looks good to me.

Siddhesh

> ---
>  posix/Makefile       |  3 ++-
>  posix/fnmatch_loop.c | 13 +++----------
>  posix/tst-fnmatch3.c | 30 ++++++++++++++++++++++++++++++
>  3 files changed, 35 insertions(+), 11 deletions(-)
>  create mode 100644 posix/tst-fnmatch3.c
> 
> diff --git a/posix/Makefile b/posix/Makefile
> index 14e6cee..37d6d5f 100644
> --- a/posix/Makefile
> +++ b/posix/Makefile
> @@ -86,7 +86,8 @@ tests		:= tstgetopt testfnm runtests runptests	     \
>  		   tst-getaddrinfo3 tst-fnmatch2 tst-cpucount tst-cpuset \
>  		   bug-getopt1 bug-getopt2 bug-getopt3 bug-getopt4 \
>  		   bug-getopt5 tst-getopt_long1 bug-regex34 bug-regex35 \
> -		   tst-pathconf tst-getaddrinfo4 tst-rxspencer-no-utf8
> +		   tst-pathconf tst-getaddrinfo4 tst-rxspencer-no-utf8 \
> +		   tst-fnmatch3
>  xtests		:= bug-ga2
>  ifeq (yes,$(build-shared))
>  test-srcs	:= globtest
> diff --git a/posix/fnmatch_loop.c b/posix/fnmatch_loop.c
> index f79d051..544769b 100644
> --- a/posix/fnmatch_loop.c
> +++ b/posix/fnmatch_loop.c
> @@ -899,11 +899,8 @@ FCT (pattern, string, string_end, no_leading_period, flags, ends, alloca_used)
>  
>  	  matched:
>  	    /* Skip the rest of the [...] that already matched.  */
> -	    do
> +	    while ((c = *p++) != L (']'))
>  	      {
> -	      ignore_next:
> -		c = *p++;
> -
>  		if (c == L('\0'))
>  		  /* [... (unterminated) loses.  */
>  		  return FNM_NOMATCH;
> @@ -931,12 +928,11 @@ FCT (pattern, string, string_end, no_leading_period, flags, ends, alloca_used)
>  
>  			if (c < L('a') || c >= L('z'))
>  			  {
> -			    p = startp;
> -			    goto ignore_next;
> +			    p = startp - 2;
> +			    break;
>  			  }
>  		      }
>  		    p += 2;
> -		    c = *p++;
>  		  }
>  		else if (c == L('[') && *p == L('='))
>  		  {
> @@ -947,7 +943,6 @@ FCT (pattern, string, string_end, no_leading_period, flags, ends, alloca_used)
>  		    if (c != L('=') || p[1] != L(']'))
>  		      return FNM_NOMATCH;
>  		    p += 2;
> -		    c = *p++;
>  		  }
>  		else if (c == L('[') && *p == L('.'))
>  		  {
> @@ -962,10 +957,8 @@ FCT (pattern, string, string_end, no_leading_period, flags, ends, alloca_used)
>  			  break;
>  		      }
>  		    p += 2;
> -		    c = *p++;
>  		  }
>  	      }
> -	    while (c != L(']'));
>  	    if (not)
>  	      return FNM_NOMATCH;
>  	  }
> diff --git a/posix/tst-fnmatch3.c b/posix/tst-fnmatch3.c
> new file mode 100644
> index 0000000..2a83c1b
> --- /dev/null
> +++ b/posix/tst-fnmatch3.c
> @@ -0,0 +1,30 @@
> +/* Test for fnmatch not reading past the end of the pattern.
> +   Copyright (C) 2014 Free Software Foundation, Inc.
> +   This file is part of the GNU C Library.
> +
> +   The GNU C Library is free software; you can redistribute it and/or
> +   modify it under the terms of the GNU Lesser General Public
> +   License as published by the Free Software Foundation; either
> +   version 2.1 of the License, or (at your option) any later version.
> +
> +   The GNU C Library is distributed in the hope that it will be useful,
> +   but WITHOUT ANY WARRANTY; without even the implied warranty of
> +   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> +   Lesser General Public License for more details.
> +
> +   You should have received a copy of the GNU Lesser General Public
> +   License along with the GNU C Library; if not, see
> +   <http://www.gnu.org/licenses/>.  */
> +
> +#include <fnmatch.h>
> +
> +int
> +do_test (void)
> +{
> +  const char *pattern = "[[:alpha:]'[:alpha:]\0]";
> +
> +  return fnmatch (pattern, "a", 0) != FNM_NOMATCH;
> +}
> +
> +#define TEST_FUNCTION do_test ()
> +#include "../test-skeleton.c"
> -- 
> 2.0.0
> 
> -- 
> Andreas Schwab, SUSE Labs, schwab@suse.de
> GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE  1748 E4D4 88E3 0EEA B9D7
> "And now for something completely different."
diff mbox

Patch

diff --git a/posix/Makefile b/posix/Makefile
index 14e6cee..37d6d5f 100644
--- a/posix/Makefile
+++ b/posix/Makefile
@@ -86,7 +86,8 @@  tests		:= tstgetopt testfnm runtests runptests	     \
 		   tst-getaddrinfo3 tst-fnmatch2 tst-cpucount tst-cpuset \
 		   bug-getopt1 bug-getopt2 bug-getopt3 bug-getopt4 \
 		   bug-getopt5 tst-getopt_long1 bug-regex34 bug-regex35 \
-		   tst-pathconf tst-getaddrinfo4 tst-rxspencer-no-utf8
+		   tst-pathconf tst-getaddrinfo4 tst-rxspencer-no-utf8 \
+		   tst-fnmatch3
 xtests		:= bug-ga2
 ifeq (yes,$(build-shared))
 test-srcs	:= globtest
diff --git a/posix/fnmatch_loop.c b/posix/fnmatch_loop.c
index f79d051..544769b 100644
--- a/posix/fnmatch_loop.c
+++ b/posix/fnmatch_loop.c
@@ -899,11 +899,8 @@  FCT (pattern, string, string_end, no_leading_period, flags, ends, alloca_used)
 
 	  matched:
 	    /* Skip the rest of the [...] that already matched.  */
-	    do
+	    while ((c = *p++) != L (']'))
 	      {
-	      ignore_next:
-		c = *p++;
-
 		if (c == L('\0'))
 		  /* [... (unterminated) loses.  */
 		  return FNM_NOMATCH;
@@ -931,12 +928,11 @@  FCT (pattern, string, string_end, no_leading_period, flags, ends, alloca_used)
 
 			if (c < L('a') || c >= L('z'))
 			  {
-			    p = startp;
-			    goto ignore_next;
+			    p = startp - 2;
+			    break;
 			  }
 		      }
 		    p += 2;
-		    c = *p++;
 		  }
 		else if (c == L('[') && *p == L('='))
 		  {
@@ -947,7 +943,6 @@  FCT (pattern, string, string_end, no_leading_period, flags, ends, alloca_used)
 		    if (c != L('=') || p[1] != L(']'))
 		      return FNM_NOMATCH;
 		    p += 2;
-		    c = *p++;
 		  }
 		else if (c == L('[') && *p == L('.'))
 		  {
@@ -962,10 +957,8 @@  FCT (pattern, string, string_end, no_leading_period, flags, ends, alloca_used)
 			  break;
 		      }
 		    p += 2;
-		    c = *p++;
 		  }
 	      }
-	    while (c != L(']'));
 	    if (not)
 	      return FNM_NOMATCH;
 	  }
diff --git a/posix/tst-fnmatch3.c b/posix/tst-fnmatch3.c
new file mode 100644
index 0000000..2a83c1b
--- /dev/null
+++ b/posix/tst-fnmatch3.c
@@ -0,0 +1,30 @@ 
+/* Test for fnmatch not reading past the end of the pattern.
+   Copyright (C) 2014 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <http://www.gnu.org/licenses/>.  */
+
+#include <fnmatch.h>
+
+int
+do_test (void)
+{
+  const char *pattern = "[[:alpha:]'[:alpha:]\0]";
+
+  return fnmatch (pattern, "a", 0) != FNM_NOMATCH;
+}
+
+#define TEST_FUNCTION do_test ()
+#include "../test-skeleton.c"