首頁 探索 說明
登入
hongwenjun
/
musl
镜像来自 https://git.musl-libc.org/git/musl
1
0
複刻 0
檔案 問題管理 0 Wiki
瀏覽代碼

fix crash in wordfree if we_offs is not initialized by the caller

I'm not sure if it's legal for wordexp to modify this field, but this
is the only easy/straightforward fix, and applications should not
care. if it's an issue, i can work out a different (but more complex)
solution later.
Rich Felker 13 年之前
父節點
f007bb854b
當前提交
bef7a85e45
共有 1 個文件被更改,包括 2 次插入0 次删除
分割檢視 顯示文件統計
  1. 2 0
      src/misc/wordexp.c

+ 2 - 0
src/misc/wordexp.c
查看文件 

@@ -82,6 +82,8 @@ static int do_wordexp(const char *s, wordexp_t *we, int flags)
 
 		if (we->we_offs > SIZE_MAX/sizeof(void *)/4)
 
 			return WRDE_NOSPACE;
 
 		i += we->we_offs;
 
+	} else {
 
+		we->we_offs = 0;
 
 	}
 
 
 	if (pipe(p) < 0) return WRDE_NOSPACE;