diff options
| author | Robin Haberkorn <robin.haberkorn@googlemail.com> | 2022-11-28 06:05:48 +0300 |
|---|---|---|
| committer | Robin Haberkorn <robin.haberkorn@googlemail.com> | 2022-11-28 06:05:48 +0300 |
| commit | 9a20db4b5257d56d2d6030a20ad42f5e0dc9f25b (patch) | |
| tree | 194d28409d2e4e5e15ed172b16c8ff5396cd2fb7 /src/spawn.c | |
| parent | 9c789e80407cdfe3f5f7d2feb8e77bdeb130b78a (diff) | |
| download | sciteco-9a20db4b5257d56d2d6030a20ad42f5e0dc9f25b.tar.gz | |
fixed a number of crashes due to empty string arguments or uninitialized registers
* An empty but valid teco_string_t can contain NULL pointers.
More precisely, a state's done_cb() can be invoked with such empty strings
in case of empty string arguments.
Also a registers get_string() can return the NULL pointer
for existing registers with uninitialized string parts.
* In all of these cases, the language should treat "uninitialized" strings
exactly like empty strings.
* Not doing so, resulted in a number of vulnerabilities.
* EN$$ crashed if "_" was uninitialized
* The ^E@q and ^ENq string building constructs would crash for existing but
uninitialized registers q.
* ?$ would crash
* ESSETILEXER$$ would crash
* This is now fixed.
Test cases have been added.
* I cannot guarantee that I have found all such cases.
Generally, it might be wise to change our definitions and make sure that
every teco_string_t must have an associated heap object to be valid.
All functions returning pointer+length pairs should consequently also never
return NULL pointers.
Diffstat (limited to 'src/spawn.c')
| -rw-r--r-- | src/spawn.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/spawn.c b/src/spawn.c index 92b8436..59a286f 100644 --- a/src/spawn.c +++ b/src/spawn.c @@ -236,6 +236,7 @@ teco_state_execute_done(teco_machine_main_t *ctx, const teco_string_t *str, GErr "Command line must not contain null-bytes"); goto gerror; } + g_assert(str->data != NULL); argv = teco_parse_shell_command_line(str->data, error); if (!argv) |