Module Name: src Committed By: martin Date: Sun Jun 24 09:34:33 UTC 2018
Modified Files: src/lib/libutil [netbsd-8]: passwd.c Log Message: Pull up following revision(s) (requested by kamil in ticket #899): lib/libutil/passwd.c: revision 1.53 Prevent underflow buffer read in trim_whitespace() in libutil/passwd.c If a string is empty or contains only white characters, the algorithm of removal of white characters at the end of the passed string will read buffer at index -1 and keep iterating backward. Detected with MKSANITIZER/ASan when executing passwd(1). To generate a diff of this commit: cvs rdiff -u -r1.52 -r1.52.24.1 src/lib/libutil/passwd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/lib/libutil/passwd.c diff -u src/lib/libutil/passwd.c:1.52 src/lib/libutil/passwd.c:1.52.24.1 --- src/lib/libutil/passwd.c:1.52 Mon Jun 25 22:32:47 2012 +++ src/lib/libutil/passwd.c Sun Jun 24 09:34:33 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: passwd.c,v 1.52 2012/06/25 22:32:47 abs Exp $ */ +/* $NetBSD: passwd.c,v 1.52.24.1 2018/06/24 09:34:33 martin Exp $ */ /* * Copyright (c) 1987, 1993, 1994, 1995 @@ -31,7 +31,7 @@ #include <sys/cdefs.h> #if defined(LIBC_SCCS) && !defined(lint) -__RCSID("$NetBSD: passwd.c,v 1.52 2012/06/25 22:32:47 abs Exp $"); +__RCSID("$NetBSD: passwd.c,v 1.52.24.1 2018/06/24 09:34:33 martin Exp $"); #endif /* LIBC_SCCS and not lint */ #include <sys/types.h> @@ -503,13 +503,21 @@ trim_whitespace(char *line) _DIAGASSERT(line != NULL); + /* Handle empty string */ + if (*line == '\0') + return; + /* Remove leading spaces */ p = line; while (isspace((unsigned char) *p)) p++; memmove(line, p, strlen(p) + 1); - /* Remove trailing spaces */ + /* Handle empty string after removal of whitespace characters */ + if (*line == '\0') + return; + + /* Remove trailing spaces, line must not be empty string here */ p = line + strlen(line) - 1; while (isspace((unsigned char) *p)) p--;