emo/busybox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

lineedit: fix SEGV in isk, hexedit, ed, closes 11661

Browse Source 
fdisk, hexedit and ed calls read_line_edit in libbb/lineedit.c with NULL
as first argument. On line 2373 of lineedit.c of busybox version 1.29.3,
state->hist_file is referenced without checking the state->flag.

This causes segmentation fault on fdisk, hexedit and ed on ARM Cortex-A9.
It somehow works on x86_64.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This commit is contained in:
Denys Vlasenko
2019-02-04 16:16:30 +01:00
parent e17e8d4b7d
commit 779f96a24c
1 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
libbb/lineedit.c
View File

@@ -2383,13 +2383,14 @@ int FAST_FUNC read_line_input(line_input_t *st, const char *prompt, char *comman
timeout = st->timeout; timeout = st->timeout;
} }
#if MAX_HISTORY > 0 #if MAX_HISTORY > 0
if (state->flags & DO_HISTORY) {
# if ENABLE_FEATURE_EDITING_SAVEHISTORY # if ENABLE_FEATURE_EDITING_SAVEHISTORY
if (state->hist_file) if (state->hist_file)
if (state->cnt_history == 0) if (state->cnt_history == 0)
load_history(state); load_history(state);
# endif # endif
if (state->flags & DO_HISTORY)
state->cur_history = state->cnt_history; state->cur_history = state->cnt_history;
}
#endif #endif
/* prepare before init handlers */ /* prepare before init handlers */