shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-03-08 20:58:20 +03:00
Code

escape: fix wrong octescape of bad character

Browse Source 
Fixes a bug introduced by 95052df3760523e1f3bb9705c918d85aae7fb431.

This also makes octescape() support NULL or zero length string.

Fixes [oss-fuzz#54059](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54059).

Fixes #25643.
This commit is contained in:
Yu Watanabe 2022-12-06 12:00:41 +09:00
parent 83320324df
commit 76519cecc7
2 changed files with 14 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
src/basic/escape.c
View File

@ -445,31 +445,30 @@ char* escape_non_printable_full(const char *str, size_t console_width, XEscapeFl
}
char* octescape(const char *s, size_t len) {
char *r, *t;
const char *f;
char *buf, *t;
/* Escapes all chars in bad, in addition to \ and " chars,
* in \nnn style escaping. */
/* Escapes all chars in bad, in addition to \ and " chars, in \nnn style escaping. */
r = new(char, len * 4 + 1);
if (!r)
assert(s || len == 0);
t = buf = new(char, len * 4 + 1);
if (!buf)
return NULL;
for (f = s, t = r; f < s + len; f++) {
for (size_t i = 0; i < len; i++) {
uint8_t u = (uint8_t) s[i];
if (*f < ' ' || *f >= 127 || IN_SET(*f, '\\', '"')) {
if (u < ' ' || u >= 127 || IN_SET(u, '\\', '"')) {
*(t++) = '\\';
*(t++) = '0' + (*f >> 6);
*(t++) = '0' + ((*f >> 3) & 8);
*(t++) = '0' + (*f & 8);
*(t++) = '0' + (u >> 6);
*(t++) = '0' + ((u >> 3) & 7);
*(t++) = '0' + (u & 7);
} else
*(t++) = *f;
*(t++) = u;
}
*t = 0;
return r;
return buf;
}
static char* strcpy_backslash_escaped(char *t, const char *s, const char *bad) {

BIN
test/fuzz/fuzz-resource-record/clusterfuzz-testcase-minimized-fuzz-resource-record-5844226627993600 Normal file
View File

Binary file not shown.