This fixes two issues with the parsing of random values:

1) A random value with a step is now rejected.  For example:

    ~/10    * * * * echo invalid
    0~59/10 * * * * echo invalid
    10~/10  * * * * echo invalid
    ~40/10  * * * * echo invalid

    Previously, the '/' would just be discarded.

2) The high and low random bound values are now checked.  Previously,
   only the randomized number was bounds-checked (which is usually
   too late).  This is more consistent with the behavior of ranges
   (low-high).  The following invalid entry is now rejected.

    0~60  * * * * echo max minute is 59

   Whereas before it would work most (but not all!) of the time.

OK?

 - todd

diff -u -p -u -r1.53 entry.c
--- usr.sbin/cron/entry.c       21 May 2022 01:21:29 -0000      1.53
+++ usr.sbin/cron/entry.c       4 May 2023 21:19:40 -0000
@@ -498,12 +498,17 @@ get_range(bitstr_t *bits, int low, int h
                        /* get the (optional) number following the tilde
                         */
                        ch = get_number(&num2, low, names, ch, file, ", \t\n");
-                       if (ch == EOF)
+                       if (ch == EOF) {
+                               /* no second number, check for valid terminator
+                                */
                                ch = get_char(file);
-                       if (ch == EOF || num1 > num2) {
-                               unget_char(ch, file);
-                               return (EOF);
+                               if (!strchr(", \t\n", ch)) {
+                                   unget_char(ch, file);
+                                   return (EOF);
+                               }
                        }
+                       if (num1 > num2 || num1 < low || num2 > high)
+                               return (EOF);
 
                        /* get a random number in the interval [num1, num2]
                         */
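
Review bot: In the new `if (ch == EOF)` branch, `strchr(", \t\n", ch)` also returns non-NULL when `ch` is 0, because strchr() treats the string's terminating NUL as part of the string, so a NUL byte read after the tilde would pass as a valid terminator. Suggest rejecting it explicitly, for example `if (ch == '\0' || !strchr(", \t\n", ch))`. The same test receives the result of get_char() with no EOF check; that is rejected only because -1 converted to char is not in the set, and an explicit `ch == EOF ||` would make the intent visible. The new bounds check `if (num1 > num2 || num1 < low || num2 > high)` returns EOF without the unget_char(ch, file) that the removed lines performed on the `num1 > num2` path; please confirm the caller does not depend on that character being pushed back. Style: the two statements inside the strchr block are indented four columns past the `if`, where the rest of the hunk uses eight.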
