diff options
| author | Jun-ichi Takimoto <takimoto-j@kba.biglobe.ne.jp> | 2018-03-24 15:17:37 +0900 |
|---|---|---|
| committer | Jun-ichi Takimoto <takimoto-j@kba.biglobe.ne.jp> | 2018-03-24 15:22:10 +0900 |
| commit | e4a8069b329cacd6486f831bb55273f8253295b2 (patch) | |
| tree | d51fcb821d4111c527a31ede8bcb34371d7cc487 | |
| parent | 4977ec13982bc851668e85924e30a57c4e304b6e (diff) | |
| download | zsh-e4a8069b329cacd6486f831bb55273f8253295b2.tar.gz zsh-e4a8069b329cacd6486f831bb55273f8253295b2.tar.xz zsh-e4a8069b329cacd6486f831bb55273f8253295b2.zip | |
42501: avoid out of bound pointer (as 42487)
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | Src/Zle/complete.c | 6 | ||||
| -rw-r--r-- | Src/Zle/computil.c | 4 | ||||
| -rw-r--r-- | Src/Zle/zle_thingy.c | 5 |
4 files changed, 12 insertions, 8 deletions
diff --git a/ChangeLog b/ChangeLog index 77e2182c5..f17ed6dff 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2018-03-24 Jun-ichi Takimoto <takimoto-j@kba.biglobe.ne.jp> + + * 42501: Src/Zle/complete.c, Src/Zle/computil.c, + Src/Zle/zle_thingy.c: avoid out of bound pointer (as 42487). + 2018-03-23 Oliver Kiddle <okiddle@yahoo.co.uk> * 42491 based on 42000 (Andrei Shevchuk): diff --git a/Src/Zle/complete.c b/Src/Zle/complete.c index 16f48c958..313dcb92f 100644 --- a/Src/Zle/complete.c +++ b/Src/Zle/complete.c @@ -715,11 +715,10 @@ bin_compadd(char *name, char **argv, UNUSED(Options ops), UNUSED(int func)) case 'E': if (p[1]) { dat.dummies = atoi(p + 1); - p = "" - 1; + p += strlen(p+1); } else if (argv[1]) { argv++; dat.dummies = atoi(*argv); - p = "" - 1; } else { zwarnnam(name, "number expected after -%c", *p); zsfree(mstr); @@ -744,13 +743,12 @@ bin_compadd(char *name, char **argv, UNUSED(Options ops), UNUSED(int func)) /* Pasted argument: -Xfoo. */ if (!*sp) *sp = p + 1; - p = "" - 1; + p += strlen(p+1); } else if (argv[1]) { /* Argument in a separate word: -X foo. */ argv++; if (!*sp) *sp = *argv; - p = "" - 1; } else { /* Missing argument: argv[N] == "-X", argv[N+1] == NULL. */ zwarnnam(name, e, *p); diff --git a/Src/Zle/computil.c b/Src/Zle/computil.c index 0b1ba58dc..4ce8eeee5 100644 --- a/Src/Zle/computil.c +++ b/Src/Zle/computil.c @@ -1222,7 +1222,7 @@ parse_cadef(char *nam, char **args) else if (*p == 'A') { if (p[1]) { nonarg = p + 1; - p = "" - 1; + p += strlen(p+1); } else if (args[1]) nonarg = *++args; else @@ -1230,7 +1230,7 @@ parse_cadef(char *nam, char **args) } else if (*p == 'M') { if (p[1]) { match = p + 1; - p = "" - 1; + p += strlen(p+1); } else if (args[1]) match = *++args; else diff --git a/Src/Zle/zle_thingy.c b/Src/Zle/zle_thingy.c index f7e9829c2..5601c1178 100644 --- a/Src/Zle/zle_thingy.c +++ b/Src/Zle/zle_thingy.c @@ -731,6 +731,7 @@ bin_zle_call(char *name, char **args, UNUSED(Options ops), UNUSED(char func)) break; } while (*++(*args)) { + char skip_this_arg[2] = "x"; switch (**args) { case 'n': num = args[0][1] ? args[0]+1 : args[1]; @@ -741,7 +742,7 @@ bin_zle_call(char *name, char **args, UNUSED(Options ops), UNUSED(char func)) return 1; } if (!args[0][1]) - *++args = "" - 1; + *++args = skip_this_arg; saveflag = 1; zmod.mult = atoi(num); zmod.flags |= MOD_MULT; @@ -760,7 +761,7 @@ bin_zle_call(char *name, char **args, UNUSED(Options ops), UNUSED(char func)) return 1; } if (!args[0][1]) - *++args = "" - 1; + *++args = skip_this_arg; keymap_restore = dupstring(curkeymapname); if (selectkeymap(keymap_tmp, 0)) { if (remetafy) |