libpkgconf: fragment: fix out of boundary read #195

Closed
stoeckmann wants to merge 1 commits from fragment into master

1 Commits (master)

Author SHA1 Message Date
Tobias Stoeckmann d277cf82b0 libpkgconf: fragment: fix out of boundary read
Parsing a fragment which consists only of a single dash leads to
an out of boundary read. It duplicates the following entry which
is not expected behaviour if another fragment follows.

Proof of concept:

$ cat > poc.pc << "EOF"
Name: poc
Description: poc
Version: 1
Cflags: - -I/somewhere
EOF
$ PKG_CONFIG_PATH=. pkgconf --cflags poc
-I/somewhere -I/somewhere

If - is the last entry, it leads to an out of boundary read, which is
easy to see if pkgconf is compiled with address sanitizer.
2020-05-29 19:35:42 +02:00