mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2025-01-27 16:39:08 +00:00
Code Issues Releases Activity

Try harder to not exceed MAXSHELLCMDLEN when parsing first line of shell

Browse Source 
script. Otherwise it's possible to panic kernel by constructing a shell
script with first line not ending in '\n'.

Also, treat '\0' as line terminating character, which may me useful in
some situations.

Submitted by:	gad
This commit is contained in:
Maxim Sobolev 2005-02-25 08:42:04 +00:00
parent ed7003a9f3
commit b4305f8d91
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=142444
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
sys/kern/imgact_shell.c
View File

@ -75,18 +75,19 @@ exec_shell_imgact(imgp)
offset = 0;
while (ihp < &image_header[MAXSHELLCMDLEN]) {
/* Skip any whitespace */
while ((*ihp == ' ') || (*ihp == '\t')) {
if ((*ihp == ' ') || (*ihp == '\t')) {
ihp++;
continue;
}
/* End of line? */
if ((*ihp == '\n') || (*ihp == '#'))
if ((*ihp == '\n') || (*ihp == '#') || (*ihp == '\0'))
break;
/* Found a token */
while ((*ihp != ' ') && (*ihp != '\t') && (*ihp != '\n') &&
(*ihp != '#')) {
(*ihp != '#') && (*ihp != '\0') &&
(ihp < &image_header[MAXSHELLCMDLEN])) {
offset++;
ihp++;
}
@ -140,18 +141,19 @@ exec_shell_imgact(imgp)
offset = 0;
while (ihp < &image_header[MAXSHELLCMDLEN]) {
/* Skip whitespace */
while ((*ihp == ' ' || *ihp == '\t')) {
if ((*ihp == ' ') || (*ihp == '\t')) {
ihp++;
continue;
}
/* End of line? */
if ((*ihp == '\n') || (*ihp == '#'))
if ((*ihp == '\n') || (*ihp == '#') || (*ihp == '\0'))
break;
/* Found a token, copy it */
while ((*ihp != ' ') && (*ihp != '\t') &&
(*ihp != '\n') && (*ihp != '#')) {
while ((*ihp != ' ') && (*ihp != '\t') && (*ihp != '\n') &&
(*ihp != '#') && (*ihp != '\0') &&
(ihp < &image_header[MAXSHELLCMDLEN])) {
imgp->args->begin_argv[offset++] = *ihp++;
}
imgp->args->begin_argv[offset++] = '\0';