libpkgconf: fragment: fix out of boundary read #195

Closed

stoeckmann wants to merge 1 commits from fragment into master

Author	SHA1	Message	Date
Tobias Stoeckmann	d277cf82b0	libpkgconf: fragment: fix out of boundary read Parsing a fragment which consists only of a single dash leads to an out of boundary read. It duplicates the following entry which is not expected behaviour if another fragment follows. Proof of concept: $ cat > poc.pc << "EOF" Name: poc Description: poc Version: 1 Cflags: - -I/somewhere EOF $ PKG_CONFIG_PATH=. pkgconf --cflags poc -I/somewhere -I/somewhere If - is the last entry, it leads to an out of boundary read, which is easy to see if pkgconf is compiled with address sanitizer.	2020-05-29 19:35:42 +02:00

Author

SHA1

Message

Date

Tobias Stoeckmann

d277cf82b0

libpkgconf: fragment: fix out of boundary read

Parsing a fragment which consists only of a single dash leads to
an out of boundary read. It duplicates the following entry which
is not expected behaviour if another fragment follows.

Proof of concept:

$ cat > poc.pc << "EOF"
Name: poc
Description: poc
Version: 1
Cflags: - -I/somewhere
EOF
$ PKG_CONFIG_PATH=. pkgconf --cflags poc
-I/somewhere -I/somewhere

If - is the last entry, it leads to an out of boundary read, which is
easy to see if pkgconf is compiled with address sanitizer.

2020-05-29 19:35:42 +02:00

libpkgconf: fragment: fix out of boundary read #195

1 Commits (master)