path: root/meta/recipes-extended/less/files/CVE-2024-32487.patch
From 007521ac3c95bc76e3d59c6dbfe75d06c8075c33 Mon Sep 17 00:00:00 2001
From: Mark Nudelman <markn@greenwoodsoftware.com>
Date: Thu, 11 Apr 2024 17:49:48 -0700
Subject: [PATCH] Fix bug when viewing a file whose name contains a newline.

CVE: CVE-2024-32487

Upstream-Status: Backport [https://github.com/gwsw/less/commit/007521ac3c95bc76e3d59c6dbfe75d06c8075c33]

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
 filename.c | 29 ++++++++++++++++++++++++-----
 1 file changed, 24 insertions(+), 5 deletions(-)

diff --git a/filename.c b/filename.c
index a8726dc..c4b35b1 100644
--- a/filename.c
+++ b/filename.c
@@ -133,6 +133,15 @@ static int metachar(char c)
	return (strchr(metachars(), c) != NULL);
 }

+/*
+ * Must use quotes rather than escape char for this metachar?
+ */
+static int must_quote(char c)
+{
+	/* {{ Maybe the set of must_quote chars should be configurable? }} */
+	return (c == '\n');
+}
+
 /*
  * Insert a backslash before each metacharacter in a string.
  */
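Review bot: The comment above `must_quote()` does not say why a newline cannot take the escape-character path, which is the reason this helper exists. In a POSIX shell a backslash followed by a newline is a line continuation and both characters are removed, so escaping would change the file name instead of protecting it. I would extend the comment to something like `/* A backslash-newline is dropped by the shell as a line continuation, so a newline can only be protected by quotes. */`. If the set is made configurable as the `{{ }}` remark suggests, it should also be documented that it must never contain `openquote` or `closequote`, since the copy loop wraps the character in exactly those.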
@@ -164,6 +173,9 @@ public char * shell_quote(char *s)
				 * doesn't support escape chars.  Use quotes.
				 */
				use_quotes = 1;
+			} else if (must_quote(*p))
+			{
+				len += 3; /* open quote + char + close quote */
			} else
			{
				/*
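Review bot: The comment on `len += 3` counts the character itself, but the copy loop in the third hunk writes exactly three bytes for this case, and the enclosing loop presumably already reserves one byte per input character (that line is outside the hunk). If so, this branch reserves four bytes for three written, which is harmless but makes the comment misleading for anyone auditing the buffer size later. I would either use `len += 2; /* open quote + close quote */` or keep the value and say `/* open quote + close quote, one byte spare */`. The loop and the allocation that uses `len` both lie outside the hunk.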
@@ -193,15 +205,22 @@ public char * shell_quote(char *s)
	{
		while (*s != '\0')
		{
-			if (metachar(*s))
+			if (!metachar(*s))
			{
-				/*
-				 * Add the escape char.
-				 */
+				*p++ = *s++;
+			} else if (must_quote(*s))
+			{
+				/* Surround the char with quotes. */
+				*p++ = openquote;
+				*p++ = *s++;
+				*p++ = closequote;
+			} else
+			{
+				/* Insert an escape char before the char. */
				strcpy(p, esc);
				p += esclen;
+				*p++ = *s++;
			}
-			*p++ = *s++;
		}
		*p = '\0';
	}
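Review bot: In the copy loop `must_quote(*s)` is tested only after `!metachar(*s)` has failed, so a newline is quoted only while '\n' is in the set returned by `metachars()`. The sizing branch in the second hunk (`else if (must_quote(*p))`) appears to sit under the same metachar test, which starts outside that hunk. `metachars()` is not shown in this patch; if that set can be changed at run time, a set without newline would copy the character through unprotected. Testing the mandatory case first in both loops removes the dependency: `if (must_quote(*s))`, then `else if (metachar(*s))`, then the plain `*p++ = *s++;`. `shell_quote()` starts and ends outside the hunk.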
--
2.40.0