emo/busybox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ash: add a FIXME for bug 9246

Browse Source 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This commit is contained in:
Denys Vlasenko 2016-09-17 20:53:47 +02:00
parent d2c5de0130
commit 7bc3d39695
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
shell/ash.c
View File

@ -11659,9 +11659,18 @@ parsebackq: {
str = NULL; str = NULL;
savelen = out - (char *)stackblock(); savelen = out - (char *)stackblock();
if (savelen > 0) { if (savelen > 0) {
/*
* FIXME: this can allocate very large block on stack and SEGV.
* Example:
* echo "..<100kbytes>..`true` $(true) `true` ..."
* alocates 100kb for every command subst. With about
* a hundred command substitutions stack overflows.
* With larger prepended string, SEGV happens sooner.
*/
str = alloca(savelen); str = alloca(savelen);
memcpy(str, stackblock(), savelen); memcpy(str, stackblock(), savelen);
} }
if (oldstyle) { if (oldstyle) {
/* We must read until the closing backquote, giving special /* We must read until the closing backquote, giving special
* treatment to some slashes, and then push the string and * treatment to some slashes, and then push the string and