fix shf.c-internal buffer overread on printing digits,

introduced by the utf_skipcols()-related fixes, more
specifically the check for combining multibyte characters
past end of given width (bogus mixed-up semantics we have here)
by reïntroducing the NUL byte from commitid 1005474EE1E4024A4E4
This commit is contained in:
tg
2016-05-17 15:36:35 +00:00
parent 55e51d9580
commit 9ab9ee194c
3 changed files with 9 additions and 8 deletions

View File

@@ -1,4 +1,4 @@
# $MirOS: src/bin/mksh/check.t,v 1.731 2016/05/05 22:58:19 tg Exp $ # $MirOS: src/bin/mksh/check.t,v 1.732 2016/05/17 15:36:31 tg Exp $
# -*- mode: sh -*- # -*- mode: sh -*-
#- #-
# Copyright © 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, # Copyright © 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
@@ -30,7 +30,7 @@
# (2013/12/02 20:39:44) http://openbsd.cs.toronto.edu/cgi-bin/cvsweb/src/regress/bin/ksh/?sortby=date # (2013/12/02 20:39:44) http://openbsd.cs.toronto.edu/cgi-bin/cvsweb/src/regress/bin/ksh/?sortby=date
expected-stdout: expected-stdout:
@(#)MIRBSD KSH R52 2016/05/05 @(#)MIRBSD KSH R52 2016/05/17
description: description:
Check version of shell. Check version of shell.
stdin: stdin:
@@ -39,7 +39,7 @@ name: KSH_VERSION
category: shell:legacy-no category: shell:legacy-no
--- ---
expected-stdout: expected-stdout:
@(#)LEGACY KSH R52 2016/05/05 @(#)LEGACY KSH R52 2016/05/17
description: description:
Check version of legacy shell. Check version of legacy shell.
stdin: stdin:

4
sh.h
View File

@@ -175,9 +175,9 @@
#endif #endif
#ifdef EXTERN #ifdef EXTERN
__RCSID("$MirOS: src/bin/mksh/sh.h,v 1.771 2016/05/05 22:56:14 tg Exp $"); __RCSID("$MirOS: src/bin/mksh/sh.h,v 1.772 2016/05/17 15:36:34 tg Exp $");
#endif #endif
#define MKSH_VERSION "R52 2016/05/05" #define MKSH_VERSION "R52 2016/05/17"
/* arithmetic types: C implementation */ /* arithmetic types: C implementation */
#if !HAVE_CAN_INTTYPES #if !HAVE_CAN_INTTYPES

7
shf.c
View File

@@ -25,7 +25,7 @@
#include "sh.h" #include "sh.h"
__RCSID("$MirOS: src/bin/mksh/shf.c,v 1.73 2016/05/05 22:56:15 tg Exp $"); __RCSID("$MirOS: src/bin/mksh/shf.c,v 1.74 2016/05/17 15:36:35 tg Exp $");
/* flags to shf_emptybuf() */ /* flags to shf_emptybuf() */
#define EB_READSW 0x01 /* about to switch to reading */ #define EB_READSW 0x01 /* about to switch to reading */
@@ -774,7 +774,7 @@ shf_vfprintf(struct shf *shf, const char *fmt, va_list args)
size_t field, precision, len; size_t field, precision, len;
unsigned long lnum; unsigned long lnum;
/* %#o produces the longest output */ /* %#o produces the longest output */
char numbuf[(8 * sizeof(long) + 2) / 3 + 1]; char numbuf[(8 * sizeof(long) + 2) / 3 + 1 + /* NUL */ 1];
/* this stuff for dealing with the buffer */ /* this stuff for dealing with the buffer */
ssize_t nwritten = 0; ssize_t nwritten = 0;
@@ -914,6 +914,7 @@ shf_vfprintf(struct shf *shf, const char *fmt, va_list args)
integral: integral:
flags |= FL_NUMBER; flags |= FL_NUMBER;
cp = numbuf + sizeof(numbuf); cp = numbuf + sizeof(numbuf);
*--cp = '\0';
switch (c) { switch (c) {
case 'd': case 'd':
@@ -964,7 +965,7 @@ shf_vfprintf(struct shf *shf, const char *fmt, va_list args)
} }
} }
} }
len = numbuf + sizeof(numbuf) - (s = cp); len = numbuf + sizeof(numbuf) - 1 - (s = cp);
if (flags & FL_DOT) { if (flags & FL_DOT) {
if (precision > len) { if (precision > len) {
field = precision; field = precision;