From patchwork Sat Jul 6 01:37:16 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Herbert Xu X-Patchwork-Id: 13725590 X-Patchwork-Delegate: herbert@gondor.apana.org.au Received: from norbury.hmeau.com (abb.hmeau.com [144.6.53.87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 90BA833F9 for ; Sat, 6 Jul 2024 01:37:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=144.6.53.87 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720229856; cv=none; b=V1CnYWzCC9C31zUzPiKT5HBEtgxwnCHwIntAYtGB5rNLTkvOtba6P0M0HwM22r6VaJFhRG87zR+AGx0UCJK5qkbijyUzWsto0vJ8C5+caoOuI8Wn2tMIaZNENiwoSpIQcwtazmYF6CRiBLpw/GfLX7HnH7tEwsipzo3np9EoGpo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720229856; c=relaxed/simple; bh=HLOS7fF0/SkQ+55ZvFPTEmfzMnqruAC/6aSxkBSkYbs=; h=Date:From:To:Cc:Subject:Message-ID:MIME-Version:Content-Type: Content-Disposition:In-Reply-To; b=lui8hH/ToSWS8amldnFEmwTEKhKMoMeLoI4gpPhUm34czr4tRbTD9o7gblkzXq39aL4S+OJxGict1WTzOmHP9JLLhyL/T7ba4EnfSqpn9JEX+PzHVp635qyKrPXp2rjdxlYh43EVN62H9+Bt+Wx3S6mkbMEqnA9NYFzYKyPu9aI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=gondor.apana.org.au; spf=pass smtp.mailfrom=gondor.apana.org.au; arc=none smtp.client-ip=144.6.53.87 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=gondor.apana.org.au Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gondor.apana.org.au Received: from gwarestrin.arnor.me.apana.org.au ([192.168.103.7]) by norbury.hmeau.com with smtp (Exim 4.96 #2 (Debian)) id 1sPuMj-006hY0-2s; Sat, 06 Jul 2024 11:37:30 +1000 Received: by gwarestrin.arnor.me.apana.org.au (sSMTP sendmail emulation); Sat, 06 Jul 2024 11:37:16 +1000 Date: Sat, 6 Jul 2024 11:37:16 +1000 From: Herbert Xu To: =?utf-8?b?0L3QsNCx?= Cc: dash@vger.kernel.org Subject: [PATCH] parser: Do not read past single quote in dollarsq_escape Message-ID: Precedence: bulk X-Mailing-List: dash@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: X-Newsgroups: apana.lists.os.linux.dash наб wrote: > > Current HEAD of 776424a8f9158bfe9f53aa55f931af9f73437caf > ("parser: Add dollar single quote"): > $ printf '%s\n' $'\123' > simply hangs. > > strace shows > read(0, printf '%s\n' $'\123' > "printf '%s\\n' $'\\123'\n", 8192) = 22 > read(0, > > Bisecting this says that this is the first problematic commit. > > Actually writing around five bytes makes it write the S\n and continue > (and interpret those five bytes as-if typed at the prompt). Thanks for the report. This patch should fix the problem: ---8<--- The function dollarsq_escape may read past the current escape code in order to provide enough data to the underlying escape code processing function. This is OK because we will call unget to return any unused characters. However, if this occurs at the end of a quoted string, this may prompt the user for more input which is wrong. Fix this by terminating the loop whenever we see a single quote. Even if this is an escaped single quote and thus does not indicate the end of the whole quoted string, it's still OK because no single escape code can continue after a single quote. Reported-by: наб Fixes: 776424a8f915 ("parser: Add dollar single quote") Signed-off-by: Herbert Xu --- src/parser.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/parser.c b/src/parser.c index d1bec58..aecc18f 100644 --- a/src/parser.c +++ b/src/parser.c @@ -938,13 +938,16 @@ static char *dollarsq_escape(char *out) unsigned len; char *p; - for (len = 0; len < sizeof(str) - 1; len++) { + for (len = 0; len < sizeof(str) - 1;) { int c = pgetc(); if (c <= PEOF) break; - str[len] = c; + str[len++] = c; + + if (c == '\'') + break; } str[len] = 0;