227330 – [PATCH] usr.bin/cut: Fix out of boundary write on illegal list argument

Bug 227330 - [PATCH] usr.bin/cut: Fix out of boundary write on illegal list argument

Summary: [PATCH] usr.bin/cut: Fix out of boundary write on illegal list argument

Status:	Closed FIXED

Alias:	None

Product:	Base System
Classification:	Unclassified
Component:	bin (show other bugs)
Version:	CURRENT
Hardware:	Any Any

Importance:	--- Affects Only Me
Assignee:	Eitan Adler

URL:
Keywords:	patch

Depends on:
Blocks:

Reported:	2018-04-06 19:24 UTC by tobias
Modified:	2018-05-23 09:43 UTC (History)
CC List:	2 users (show)

See Also:

Attachments
Patch to fix the issue (385 bytes, patch) 2018-04-06 19:24 UTC, tobias	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description tobias 2018-04-06 19:24:55 UTC

Created attachment 192296 [details]
Patch to fix the issue

It is possible to trigger an out of boundary write in cut if an invalid range with autostart has been supplied:

$ cut -c -8000-2
Segmentation fault

It is not verified that enough memory has been allocated for an autostart if a smaller stop value has been specified.

Comment 1 commit-hook freebsd_committer

2018-05-23 09:16:53 UTC

A commit references this bug:

Author: eadler
Date: Wed May 23 09:16:21 UTC 2018
New revision: 334083
URL: https://svnweb.freebsd.org/changeset/base/334083

Log:
  cut: Fix out of boundary write on illegal list argument

  It is possible to trigger an out of boundary write in cut if an invalid
  range with autostart has been supplied.

  PR:		227330
  Submitted by:	tobias@stoeckmann.org

Changes:
  head/usr.bin/cut/cut.c