misc/140151: Fix potential setlocale(3) in hexdump / od
Garrett Cooper
gcooper at FreeBSD.org
Sat Oct 31 20:50:01 UTC 2009
>Number: 140151
>Category: misc
>Synopsis: Fix potential setlocale(3) in hexdump / od
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Oct 31 20:50:00 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Garrett Cooper
>Release: 9-CURRENT
>Organization:
n/a
>Environment:
FreeBSD optimus.zenmetsuhitotuyaneshita.net 9.0-CURRENT FreeBSD 9.0-CURRENT #0: Sun Oct 25 16:15:22 PDT 2009 gcooper at optimus.zenmetsuhitotuyaneshita.net:/usr/obj/usr/src/sys/OPTIMUS amd64
>Description:
Spotted a coding issue with setlocale(3) not being checked for error when going back and reviewing the hexdump sourcecode to fix the issues that are assigned to me.
Please see the attached source for the fix, as well as an improvement on determing the application in use.
Execution example:
[gcooper at optimus /scratch/src/head/usr.bin/hexdump]$ ln -sf ./hexdump od
[gcooper at optimus /scratch/src/head/usr.bin/hexdump]$ echo "" | ./hexdump -e '"%06.6_ao " 12/1 "%3_u "'
000000 lf
[gcooper at optimus /scratch/src/head/usr.bin/hexdump]$ echo "" | ./od
0000000 000012
0000001
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
Index: hexdump.c
===================================================================
--- hexdump.c (revision 198534)
+++ hexdump.c (working copy)
@@ -50,6 +50,9 @@
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
+#include <libgen.h>
+#include <err.h>
+#include <errno.h>
#include "hexdump.h"
FS *fshead; /* head of format strings */
@@ -61,11 +64,12 @@
main(int argc, char *argv[])
{
FS *tfs;
- char *p;
- (void)setlocale(LC_ALL, "");
+ if (setlocale(LC_ALL, "") == NULL) {
+ errx(1, "Failed to set the locale to LC_ALL");
+ }
- if (!(p = rindex(argv[0], 'o')) || strcmp(p, "od"))
+ if (strncmp(basename(argv[0]), "od", strlen("od")))
newsyntax(argc, &argv);
else
oldsyntax(argc, &argv);
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list