krb5 commit: Don't skip past zero byte in profile parsing
Greg Hudson
ghudson at mit.edu
Thu Aug 15 14:01:35 EDT 2019
https://github.com/krb5/krb5/commit/a449bfc16c32019fec8b4deea963a3e474b0d14d
commit a449bfc16c32019fec8b4deea963a3e474b0d14d
Author: Greg Hudson <ghudson at mit.edu>
Date: Wed Aug 14 11:46:14 2019 -0400
Don't skip past zero byte in profile parsing
In parse_quoted_string(), only process an escape sequence if there is
a second character after the backlash, to avoid reading past the
terminating zero byte. Reported by Lutz Justen.
ticket: 8825 (new)
tags: pullup
target_version: 1.17-next
target_version: 1.16-next
src/util/profile/prof_parse.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/util/profile/prof_parse.c b/src/util/profile/prof_parse.c
index 531e4a0..7ba44ac 100644
--- a/src/util/profile/prof_parse.c
+++ b/src/util/profile/prof_parse.c
@@ -48,7 +48,7 @@ static void parse_quoted_string(char *str)
char *to, *from;
for (to = from = str; *from && *from != '"'; to++, from++) {
- if (*from == '\\') {
+ if (*from == '\\' && *(from + 1) != '\0') {
from++;
switch (*from) {
case 'n':
More information about the cvs-krb5
mailing list