busybox/editors
Sören Tempel f15dfd86c4 ed: don't use memcpy with overlapping memory regions
The memcpy invocations in the subCommand function, modified by this
commit, previously used memcpy with overlapping memory regions. This is
undefined behavior. On Alpine Linux, it causes BusyBox ed to crash since
we compile BusyBox with -D_FORTIFY_SOURCE=2 and our fortify-headers
implementation catches this source of undefined behavior [0]. The issue
can only be triggered if the replacement string is the same size or
shorter than the old string.

Looking at the code, it seems to me that a memmove(3) is what was
actually intended here, this commit modifies the code accordingly.

[0]: https://gitlab.alpinelinux.org/alpine/aports/-/issues/13504

Signed-off-by: Sören Tempel <soeren+git@soeren-tempel.net>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2023-01-05 16:26:49 +01:00
..
awk.c awk: fix use after free (CVE-2022-30065) 2022-07-11 17:18:07 +02:00
cmp.c Add support for long options to cmp 2022-01-23 20:24:32 +01:00
Config.src
diff.c diff: code shrink 2021-02-22 19:00:07 +01:00
ed.c ed: don't use memcpy with overlapping memory regions 2023-01-05 16:26:49 +01:00
Kbuild.src
patch_bbox.c
patch_toybox.c *: style fix 2022-08-30 16:41:17 +02:00
patch.c *: style fix 2022-08-30 16:41:17 +02:00
sed_summary.htm
sed.c sed: fix double-free in FEATURE_CLEAN_UP=y configs 2023-01-02 17:05:55 +01:00
sed1line.txt
vi.c *: style fix 2022-08-30 16:41:17 +02:00