lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1456136021.13244.21.camel@linux.intel.com>
Date:	Mon, 22 Feb 2016 12:13:41 +0200
From:	Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
To:	Jessica Yu <jeyu@...hat.com>,
	Andrew Morton <akpm@...ux-foundation.org>
Cc:	Rasmus Villemoes <linux@...musvillemoes.dk>,
	Kees Cook <keescook@...omium.org>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/1] sscanf: implement basic character sets

On Fri, 2016-02-19 at 20:22 -0500, Jessica Yu wrote:
> Implement basic character sets for the '%[]' conversion specifier.
> 
> The '%[]' conversion specifier matches a nonempty sequence of
> characters
> from the specified set of accepted (or with '^', rejected) characters
> between the brackets. The substring matched is to be made up of
> characters
> in (or not in) the set. This implementation differs from its glibc
> counterpart in that it does not support character ranges (e.g., 'a-z' 
> or
> '0-9'), the hyphen '-' is *not* a special character, and the brackets
> themselves cannot be matched.
> 
> Signed-off-by: Jessica Yu <jeyu@...hat.com>
> ---
>  lib/vsprintf.c | 35 +++++++++++++++++++++++++++++++++++
>  1 file changed, 35 insertions(+)
> 
> diff --git a/lib/vsprintf.c b/lib/vsprintf.c
> index 525c8e1..6ee3e7f 100644
> --- a/lib/vsprintf.c
> +++ b/lib/vsprintf.c
> @@ -2714,6 +2714,41 @@ int vsscanf(const char *buf, const char *fmt,
> va_list args)
>  			num++;
>  		}
>  		continue;
> +		case '[':
> +		{
> +			char *s = (char *)va_arg(args, char *);
> +			char set[U8_MAX] = { 0 };

Hmm... 255 on stack, not the best idea.

> +			size_t (*op)(const char *str, const char
> *set);
> +			size_t len = 0;
> +			bool negate = (*(fmt) == '^');
> +
> +			if (field_width == -1)
> +				field_width = SHRT_MAX;
> +
> +			op = negate ? &strcspn : &strspn;
> +			if (negate)
> +				fmt++;
> +
> +			len = strcspn(fmt, "]");
> +			/* invalid format; stop here */
> +			if (!len)
> +				return num;
> +
> +			strncpy(set, fmt, len);

Perhaps here you may allocate memory on heap and copy the given set.
IIRC kstrndup() does this.

> +			/* advance fmt past ']' */
> +			fmt += len + 1;
> +
> +			len = (*op)(str, set);
> +			/* no matches */
> +			if (!len)
> +				return num;
> +
> +			while (*str && len-- && field_width--)
> +				*s++ = *str++;
> +			*s = '\0';
> +			num++;
> +		}
> +		continue;
>  		case 'o':
>  			base = 8;
>  			break;

-- 
Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
Intel Finland Oy

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ