[PATCH] lib: glob.c: added null check for character class

From: Alok Swaminathan
Date: Sun Sep 15 2024 - 14:35:36 EST

Next message: Muhammad Qasim Abdul Majeed: "[PATCH 01/10] ACPI: apd: Use strscpy instead of strcpy."
Previous message: Jeongjun Park: "Re: [syzbot] [usb?] KMSAN: kernel-infoleak in iowarrior_read"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Added null check for character class. Previously, an inverted character
class could result in a nul byte being matched and lead to the function
reading past the end of the inputted str.

Signed-off-by: Alok Swaminathan <swaminathanalok@xxxxxxxxx>
---
lib/glob.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/lib/glob.c b/lib/glob.c
index 15b73f490720..aa57900d2062 100644
--- a/lib/glob.c
+++ b/lib/glob.c
@@ -68,6 +68,8 @@ bool __pure glob_match(char const *pat, char const *str)
back_str = --str; /* Allow zero-length match */
break;
case '[': { /* Character class */
+ if (c == '\0') /* No possible match */
+ return false;
bool match = false, inverted = (*pat == '!');
char const *class = pat + inverted;
unsigned char a = *class++;
--
2.46.0

Next message: Muhammad Qasim Abdul Majeed: "[PATCH 01/10] ACPI: apd: Use strscpy instead of strcpy."
Previous message: Jeongjun Park: "Re: [syzbot] [usb?] KMSAN: kernel-infoleak in iowarrior_read"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]