path: root/system/pkgconf/0001-tuple-Ensure-buf-length-is-always-1-in-dequote.patch
blob: d1a423391499d30f0dfaf561b6e555012c89a950

From 9b7affe0b1e6512c6c73d19e1220c94fdb5c8159 Mon Sep 17 00:00:00 2001
From: "A. Wilcox" <AWilcox@Wilcox-Tech.com>
Date: Sat, 28 Jul 2018 19:06:33 -0500
Subject: [PATCH] tuple: Ensure buf length is always >= 1 in dequote
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

If a key is defined with no value, dequote will allocate a buffer with a
length of 0.  Since the buffer's length is 0, any manipulation of its
content is UB.

Example .pc file:

prefix=/usr
exec_prefix=${prefix}
libdir=${exec_prefix}/lib
includedir=${prefix}/include

xcflags=
xlibs= -lSM -lICE  -lX11

Name: Obt
Description: Openbox Toolkit Library
Version: 3.6
Requires: glib-2.0 libxml-2.0
Libs: -L${libdir} -lobt ${xlibs}
Cflags: -I${includedir}/openbox/3.6 ${xcflags}

Output using pkgconf 1.5.2 on x86_64 Linux/musl:

% pkgconf --cflags obt-3.5
-I/usr/include/openbox/3.6 \�\\�I\�\ -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -I/usr/include/libxml2
---
 libpkgconf/tuple.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libpkgconf/tuple.c b/libpkgconf/tuple.c
index 26dc5d5..8523709 100644
--- a/libpkgconf/tuple.c
+++ b/libpkgconf/tuple.c
@@ -139,7 +139,7 @@ pkgconf_tuple_find_delete(pkgconf_list_t *list, const char *key)
 static char *
 dequote(const char *value)
 {
-	char *buf = calloc(strlen(value) * 2, 1);
+	char *buf = calloc((strlen(value) + 1) * 2, 1);
 	char *bptr = buf;
 	const char *i;
 	char quote = 0;
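Review bot: the new size expression on the `calloc` line has no comment saying what the `+ 1` and the `* 2` are each for, and the diffstat shows only tuple.c changing, so nothing guards this fix against regressing. Suggest a one-line comment stating that the `+ 1` reserves room for the terminating NUL so an empty value no longer produces a zero-length allocation, plus a test .pc file with an empty assignment like the `xcflags=` case from the commit message. Also, in the lines visible here `buf` is assigned to `bptr` with no NULL check on the `calloc` result; if that is not handled further down in `dequote`, it is worth adding while this line is being touched.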
-- 
2.17.1