d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

grep: change some int types.

Browse Source 
Change several int variables to size_t, ssize_t, or ptrdiff_t.
This should fix the bug described in CVE-2012-5667 when an input
line is so long that its length cannot be stored in an int
variable.

This is based on NetBSD's revision which says:

This change to NetBSD's version of GNU grep 2.5.1 (licenced under
GPLv2) was made without direct reference to any code licenced
under GPLv3.

Obtained from:	NetBSD
MFC after:	3 days
This commit is contained in:
Pedro F. Giffuni 2013-05-20 03:15:25 +00:00
parent f9a93b641a
commit 025069f984
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=250823
3 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
gnu/usr.bin/grep/dfa.c
View File

@ -334,9 +334,10 @@ static int hard_LC_COLLATE; /* Nonzero if LC_COLLATE is hard. */
#ifdef MBS_SUPPORT #ifdef MBS_SUPPORT
/* These variables are used only if (MB_CUR_MAX > 1). */ /* These variables are used only if (MB_CUR_MAX > 1). */
static mbstate_t mbs; /* Mbstate for mbrlen(). */ static mbstate_t mbs; /* Mbstate for mbrlen(). */
static int cur_mb_len; /* Byte length of the current scanning static ssize_t cur_mb_len; /* Byte length of the current scanning
multibyte character. */ multibyte character. Must also handle
static int cur_mb_index; /* Byte index of the current scanning multibyte negative result from mbrlen(). */
static ssize_t cur_mb_index; /* Byte index of the current scanning multibyte
character. character.
singlebyte character : cur_mb_index = 0 singlebyte character : cur_mb_index = 0
@ -369,7 +370,7 @@ static unsigned char const *buf_end; /* refference to end in dfaexec(). */
/* This function update cur_mb_len, and cur_mb_index. /* This function update cur_mb_len, and cur_mb_index.
p points current lexptr, len is the remaining buffer length. */ p points current lexptr, len is the remaining buffer length. */
static void static void
update_mb_len_index (unsigned char const *p, int len) update_mb_len_index (unsigned char const *p, size_t len)
{ {
/* If last character is a part of a multibyte character, /* If last character is a part of a multibyte character,
we update cur_mb_index. */ we update cur_mb_index. */
@ -2463,7 +2464,7 @@ match_mb_charset (struct dfa *d, int s, position pos, int index)
int match; /* Flag which represent that matching succeed. */ int match; /* Flag which represent that matching succeed. */
int match_len; /* Length of the character (or collating element) int match_len; /* Length of the character (or collating element)
with which this operator match. */ with which this operator match. */
int op_len; /* Length of the operator. */ size_t op_len; /* Length of the operator. */
char buffer[128]; char buffer[128];
wchar_t wcbuf[6]; wchar_t wcbuf[6];

4
gnu/usr.bin/grep/grep.c
View File

@ -1350,9 +1350,9 @@ int
main (int argc, char **argv) main (int argc, char **argv)
{ {
char *keys; char *keys;
size_t keycc, oldcc, keyalloc; size_t cc, keycc, oldcc, keyalloc;
int with_filenames; int with_filenames;
int opt, cc, status; int opt, status;
int default_context; int default_context;
FILE *fp; FILE *fp;
extern char *optarg; extern char *optarg;

5
gnu/usr.bin/grep/search.c
View File

@ -112,7 +112,7 @@ static void
kwsinit (void) kwsinit (void)
{ {
static char trans[NCHAR]; static char trans[NCHAR];
int i; size_t i;
if (match_icase) if (match_icase)
for (i = 0; i < NCHAR; ++i) for (i = 0; i < NCHAR; ++i)
@ -326,7 +326,8 @@ EGexecute (char const *buf, size_t size, size_t *match_size, int exact)
{ {
register char const *buflim, *beg, *end; register char const *buflim, *beg, *end;
char eol = eolbyte; char eol = eolbyte;
int backref, start, len; int backref;
ptrdiff_t start, len;
struct kwsmatch kwsm; struct kwsmatch kwsm;
size_t i, ret_val; size_t i, ret_val;
static int use_dfa; static int use_dfa;