Fix a memory leak and an access out of bounds #2
Open
asammouda wants to merge 2 commits into mirror:master from
Author
Missing fclose
Author
iso9660: hs.id Buffer is accessed out of bounds when its content is compared to "CDROM"
okuoku pushed a commit to okuoku/wasmlinux-busybox that referenced this pull request Nov 12, 2023
When I planned to print the command in read_line_input, I found that after the system started, the command printed for the first time was always garbled.

After analysis, it is found that in the init() function of ash, the variable basepf.buf is not initialized after applying for memory, resulting in garbled initial data. Then assign it to the global variable g_parsefile->buf in ash.c, and then pass g_parsefile->buf to the parameter command of the function read_line_input in the function preadfd(), and finally cause it to be garbled when the command is printed by read_line_input.

The call stack is as follows:

#0 read_line_input (st=0xb6fff220, prompt=0xb6ffc910 "\\[\\033[32m\\]\\h \\w\\[\\033[m\\] \\$ ", command=command@entry=0xb6ffc230 "P\325\377\266P\325\377\266", maxsize=maxsize@entry=1024) at libbb/lineedit.c:2461
#1 0x0043ef8c in preadfd () at shell/ash.c:10812
#2 preadbuffer () at shell/ash.c:10914
#3 pgetc () at shell/ash.c:10997
#4 0x00440c20 in pgetc_eatbnl () at shell/ash.c:11039
#5 0x00440cbc in xxreadtoken () at shell/ash.c:13157
#6 0x00440f40 in readtoken () at shell/ash.c:13268
#7 0x00441234 in list (nlflag=nlflag@entry=1) at shell/ash.c:11782
#8 0x004420e8 in parsecmd (interact=<optimized out>) at shell/ash.c:13344
#9 0x00442c34 in cmdloop (top=top@entry=1) at shell/ash.c:13549
#10 0x00444e4c in ash_main (argc=<optimized out>, argv=0x444e4c <ash_main+1328>) at shell/ash.c:14747
#11 0x00407954 in run_applet_no_and_exit (applet_no=9, name=<optimized out>, argv=0xbefffd34) at libbb/appletlib.c:1024
#12 0x00407b68 in run_applet_and_exit (name=0xbefffe56 "ash", argv=0x9) at libbb/appletlib.c:1047
#13 0x00407f88 in main (argc=<optimized out>, argv=0xbefffd34) at libbb/appletlib.c:1181

Fixes: 82dd14a ("ash: use CONFIG_FEATURE_EDITING_MAX_LEN")
Signed-off-by: zhuyan <zhuyan34@huawei.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
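The uninitialized-buffer flow described in the commit message above, modeled as an added example that is not part of the pull request or of BusyBox's code. `dirty_alloc`, the reduced `struct parsefile` and `stale_prefix_len` are hypothetical names, the poison byte is a constructed stand-in for stale heap contents, and zero-filling is an assumed fix, not one taken from the page.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAXLEN 1024   /* matches maxsize=1024 in the backtrace */
#define POISON 0xA5   /* constructed stand-in for stale heap bytes */

struct parsefile { char *buf; };   /* hypothetical, reduced to the one field */

/* Deterministic model of malloc() handing back dirty memory. */
static void *dirty_alloc(size_t n)
{
    void *p = malloc(n);
    if (!p)
        abort();
    memset(p, POISON, n);
    return p;
}

/* Unfixed pattern: the buffer is allocated but never initialized. */
void init_unfixed(struct parsefile *pf) { pf->buf = dirty_alloc(MAXLEN); }

/* Hardened pattern (assumed fix): zero the buffer before publishing it. */
void init_zeroed(struct parsefile *pf)
{
    pf->buf = dirty_alloc(MAXLEN);
    memset(pf->buf, 0, MAXLEN);
}

/* Number of stale bytes a consumer would emit if it printed `command`
 * before filling it. The scan is bounded by maxsize, so the check itself
 * never reads past the allocation even when no NUL is present. */
size_t stale_prefix_len(const char *command, size_t maxsize)
{
    const char *nul = memchr(command, '\0', maxsize);
    return nul ? (size_t)(nul - command) : maxsize;
}

int main(void)
{
    struct parsefile bad, good;
    init_unfixed(&bad);
    init_zeroed(&good);
    printf("unfixed: %zu stale bytes\n", stale_prefix_len(bad.buf, MAXLEN));
    printf("zeroed:  %zu stale bytes\n", stale_prefix_len(good.buf, MAXLEN));
    free(bad.buf);
    free(good.buf);
    return 0;
}
```

In the unfixed case the result equals `MAXLEN`, meaning the buffer holds no terminator at all, so an unbounded `%s` print of it would read beyond the allocation rather than only showing garbage.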
No description provided.