bin/151592: fold(1) segfaults on argument processing

Jean-Sébastien Pédron jean-sebastien.pedron at dumbbell.fr
Wed Nov 3 22:10:11 UTC 2010 

The following reply was made to PR bin/151592; it has been noted by GNATS.

From: =?ISO-8859-1?Q?Jean-S=E9bastien_P=E9dron?=
 <jean-sebastien.pedron at dumbbell.fr>
To: bug-followup at FreeBSD.org, marcus at blazingdot.com
Cc:  
Subject: Re: bin/151592: fold(1) segfaults on argument processing
Date: Wed, 03 Nov 2010 23:05:32 +0100

 This is a multi-part message in MIME format.
 --------------060509040604060902020702
 Content-Type: text/plain; charset=ISO-8859-1
 Content-Transfer-Encoding: 8bit
 
 Hello!
 
 Attached is a patch that fixes the segfault for me. Could you please try
 it with your use case?
 
 How to apply the patch:
   # cd /usr/src
   # patch < /path/to/fold-segfault-a.patch
   # cd usr.bin/fold
   # make
 
 You will find a new "fold" binary in this directory or in
 /usr/obj/usr/src/usr.bin/fold if you have a buildworld still present.
 
 Thanks!
 
 -- 
 Jean-Sébastien Pédron
 
 --------------060509040604060902020702
 Content-Type: text/plain;
  name="fold-segfault-a.patch"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: attachment;
  filename="fold-segfault-a.patch"
 
 Index: usr.bin/fold/fold.c
 ===================================================================
 --- usr.bin/fold/fold.c	(revision 214762)
 +++ usr.bin/fold/fold.c	(working copy)
 @@ -71,14 +71,14 @@
  int
  main(int argc, char **argv)
  {
 -	int ch;
 +	int ch, previous_ch;
  	int rval, width;
 -	char *p;
  
  	(void) setlocale(LC_CTYPE, "");
  
  	width = -1;
 -	while ((ch = getopt(argc, argv, "0123456789bsw:")) != -1)
 +	previous_ch = 0;
 +	while ((ch = getopt(argc, argv, "0123456789bsw:")) != -1) {
  		switch (ch) {
  		case 'b':
  			bflag = 1;
 @@ -93,17 +93,33 @@
  			break;
  		case '0': case '1': case '2': case '3': case '4':
  		case '5': case '6': case '7': case '8': case '9':
 -			if (width == -1) {
 -				p = argv[optind - 1];
 -				if (p[0] == '-' && p[1] == ch && !p[2])
 -					width = atoi(++p);
 -				else
 -					width = atoi(argv[optind] + 1);
 +			/* Accept a width as eg. -30. Note that a width
 +			 * specified using the -w option is always used prior
 +			 * to this undocumented option. */
 +			switch (previous_ch) {
 +			case '0': case '1': case '2': case '3': case '4':
 +			case '5': case '6': case '7': case '8': case '9':
 +				/* The width is a number with multiple digits:
 +				 * add the last one. */
 +				width = width * 10 + (ch - '0');
 +				break;
 +			default:
 +				/* Set the width, unless it was previously
 +				 * set. For instance, the following options
 +				 * would all give a width of 5 and not 10:
 +				 *   -10 -w5
 +				 *   -5b10
 +				 *   -5 -10b */
 +				if (width == -1)
 +					width = ch - '0';
 +				break;
  			}
  			break;
  		default:
  			usage();
  		}
 +		previous_ch = ch;
 +	}
  	argv += optind;
  	argc -= optind;
  
 
 --------------060509040604060902020702--

More information about the freebsd-bugs mailing list