108 строки
3.0 KiB
Diff
108 строки
3.0 KiB
Diff
From 8c7d6c407fd544db2cefa93b9fc95beadc00e132 Mon Sep 17 00:00:00 2001
|
|
From: tomspiderlabs <128755403+tomspiderlabs@users.noreply.github.com>
|
|
Date: Thu, 23 Mar 2023 23:39:38 +0000
|
|
Subject: [PATCH 1/2] Added control character check
|
|
|
|
Added control character check, returning -1 (to "err") if control characters are present.
|
|
---
|
|
lib/fields.c | 11 +++++++----
|
|
1 file changed, 7 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/lib/fields.c b/lib/fields.c
|
|
index 649fae17..b8f13ba7 100644
|
|
--- a/lib/fields.c
|
|
+++ b/lib/fields.c
|
|
@@ -44,9 +44,9 @@
|
|
*
|
|
* The supplied field is scanned for non-printable and other illegal
|
|
* characters.
|
|
- * + -1 is returned if an illegal character is present.
|
|
- * + 1 is returned if no illegal characters are present, but the field
|
|
- * contains a non-printable character.
|
|
+ * + -1 is returned if an illegal or control character is present.
|
|
+ * + 1 is returned if no illegal or control characters are present,
|
|
+ * but the field contains a non-printable character.
|
|
* + 0 is returned otherwise.
|
|
*/
|
|
int valid_field (const char *field, const char *illegal)
|
|
@@ -68,10 +68,13 @@ int valid_field (const char *field, const char *illegal)
|
|
}
|
|
|
|
if (0 == err) {
|
|
- /* Search if there are some non-printable characters */
|
|
+ /* Search if there are non-printable or control characters */
|
|
for (cp = field; '\0' != *cp; cp++) {
|
|
if (!isprint (*cp)) {
|
|
err = 1;
|
|
+ }
|
|
+ if (!iscntrl (*cp)) {
|
|
+ err = -1;
|
|
break;
|
|
}
|
|
}
|
|
--
|
|
2.25.1
|
|
|
|
|
|
From 332037afa44a6ed81b91394d89972d2da3b1577d Mon Sep 17 00:00:00 2001
|
|
From: Christian Göttsche <cgzones@googlemail.com>
|
|
Date: Fri, 31 Mar 2023 14:46:50 +0200
|
|
Subject: [PATCH 2/2] Overhaul valid_field()
|
|
|
|
e5905c4b ("Added control character check") introduced checking for
|
|
control characters but had the logic inverted, so it rejects all
|
|
characters that are not control ones.
|
|
|
|
Cast the character to `unsigned char` before passing to the character
|
|
checking functions to avoid UB.
|
|
|
|
Use strpbrk(3) for the illegal character test and return early.
|
|
---
|
|
lib/fields.c | 24 ++++++++++--------------
|
|
1 file changed, 10 insertions(+), 14 deletions(-)
|
|
|
|
diff --git a/lib/fields.c b/lib/fields.c
|
|
index b8f13ba7..191257e8 100644
|
|
--- a/lib/fields.c
|
|
+++ b/lib/fields.c
|
|
@@ -60,26 +60,22 @@ int valid_field (const char *field, const char *illegal)
|
|
|
|
/* For each character of field, search if it appears in the list
|
|
* of illegal characters. */
|
|
+ if (illegal && NULL != strpbrk (field, illegal)) {
|
|
+ return -1;
|
|
+ }
|
|
+
|
|
+ /* Search if there are non-printable or control characters */
|
|
for (cp = field; '\0' != *cp; cp++) {
|
|
- if (strchr (illegal, *cp) != NULL) {
|
|
+ unsigned char c = *cp;
|
|
+ if (!isprint (c)) {
|
|
+ err = 1;
|
|
+ }
|
|
+ if (iscntrl (c)) {
|
|
err = -1;
|
|
break;
|
|
}
|
|
}
|
|
|
|
- if (0 == err) {
|
|
- /* Search if there are non-printable or control characters */
|
|
- for (cp = field; '\0' != *cp; cp++) {
|
|
- if (!isprint (*cp)) {
|
|
- err = 1;
|
|
- }
|
|
- if (!iscntrl (*cp)) {
|
|
- err = -1;
|
|
- break;
|
|
- }
|
|
- }
|
|
- }
|
|
-
|
|
return err;
|
|
}
|
|
|
|
--
|
|
2.25.1
|
|
|