On 03/04/2015 10:59 AM, Верещагин Алексей wrote:
> Bash Version: 4.3.33
> File: lib/sh/shquote.c
> Function: sh_backslash_quote
> Line: if (backslash_table[c] == 1)
> 
> Description
> -----------
> Variable "c" has a signed integer type and may be negative (if "string" is
> not an ASCII-only string). But "c" is used as an index into the
> "backslash_table" array. This causes an out-of-range error and produces
> undefined behavior.
> 
> Possible solution
> -----------------
> Cast variable "c" to unsigned char type:
> if (backslash_table[(unsigned char)c] == 1)

Similar to this other report:
https://lists.gnu.org/archive/html/bug-bash/2015-01/msg00096.html

and it looks like Chet has done some work in git on addressing various
call sites, although I have not yet checked if he got them all.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org
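
The signed-index problem and the proposed cast from the report above, as an added example that is not part of the original thread or of bash's source. The names quote_table, index_without_cast, index_with_cast and quote_bytes are hypothetical, and the sample input is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical 256-entry table (not bash's backslash_table):
   1 marks a byte that gets a backslash in front of it. */
static const char quote_table[256] = {
    [' '] = 1, ['$'] = 1, ['\\'] = 1, ['\''] = 1, ['"'] = 1, ['*'] = 1,
};

/* Models the signed index described in the report: the byte is read
   through a signed type, so bytes >= 0x80 come out negative. The value
   is only computed here, never used to index the table. */
int index_without_cast(const char *p)
{
    return *(const signed char *)p;
}

/* Index produced with the cast proposed in the report: always 0..255. */
int index_with_cast(const char *p)
{
    return (unsigned char)*p;
}

/* Backslash-quote s using the cast index. Caller frees the result. */
char *quote_bytes(const char *s)
{
    char *out = malloc(2 * strlen(s) + 1), *r = out;
    if (out == NULL)
        return NULL;
    for (; *s; s++) {
        if (quote_table[(unsigned char)*s] == 1)
            *r++ = '\\';
        *r++ = *s;
    }
    *r = '\0';
    return out;
}

int main(void)
{
    const char *sample = "\xd0\x90 $x"; /* constructed: UTF-8 Cyrillic letter, space, $x */
    char *q = quote_bytes(sample);
    printf("signed index:   %d\n", index_without_cast(sample));
    printf("unsigned index: %d\n", index_with_cast(sample));
    printf("quoted: %s\n", q ? q : "(alloc failed)");
    free(q);
    return 0;
}
```

Building a reproduction of the uncast lookup with -fsanitize=address,undefined is a quick way to confirm whether a given call site still reads outside its table for non-ASCII input.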
