mirror of
git://git.sv.gnu.org/coreutils.git
synced 2026-02-19 05:42:02 +02:00
44809c3379
* src/od.c (dump_strings): There are three related issues here due to not accounting for the terminating NUL char appropriately. 1. Ensure BUF always has enough space for the terminating NUL. This avoids CWE-122: Heap-based Buffer Overflow, where we wrote a single NUL byte directly after the allocated buffer. I.e., there should be no buffer overflow with: printf '%100s' | od -N100 -S1 2. Ensure we support -S == -N (END_OFFSET - STRING_MIN == ADDRESS): I.e., there should be output with: printf '%100s' | od -N10 -S10 3. Ensure we always output a valid address by ensuring the ADDRESS and I variables are kept in sync. I.e., this should output address 0000000 not 1777777777777777777777: printf '%100s' | od -N10 -S1 As well as fixing these we simplify by using a single loop to read the data, rather than two. * doc/coreutils.texi (od invocation): Clarify that -N implicitly NUL terminates strings. * tests/od/od-N.sh: Add test cases. * NEWS: Mention the bug fixes. Fixes https://bugs.gnu.org/78880