From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on sa.local.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=unavailable autolearn_force=no version=3.4.1 From: Aleksei Nikiforov To: devel@lists.altlinux.org Date: Tue, 10 Dec 2019 18:23:28 +0300 Message-Id: <20191210152343.33867-24-darktemplar@altlinux.org> X-Mailer: git-send-email 2.24.0 In-Reply-To: <20191210152343.33867-1-darktemplar@altlinux.org> References: <20191210152343.33867-1-darktemplar@altlinux.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Cc: Aleksei Nikiforov Subject: [devel] [PATCH for apt 23/38] Fortify ParseQuoteWord function X-BeenThere: devel@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux Team development discussions List-Id: ALT Linux Team development discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Dec 2019 15:25:12 -0000 Archived-At: List-Archive: List-Post: If some ipv6 address is used in format addr%interface, like ::1%lo or ::1%eth0, it's not interpreted as an URL-encoded string, since characters following % are not valid hex digits. --- apt/apt-pkg/contrib/strutl.cc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/apt/apt-pkg/contrib/strutl.cc b/apt/apt-pkg/contrib/strutl.cc index c07e65c..4d5025a 100644 --- a/apt/apt-pkg/contrib/strutl.cc +++ b/apt/apt-pkg/contrib/strutl.cc @@ -130,7 +130,8 @@ bool ParseQuoteWord(const char *&String,string &Res) char *I; for (I = Buffer; I < Buffer + sizeof(Buffer) && Start != C; I++) { - if (*Start == '%' && Start + 2 < C) + if ((*Start == '%') && (Start + 2 < C) && + isxdigit(Start[1]) && isxdigit(Start[2])) { Tmp[0] = Start[1]; Tmp[1] = Start[2]; -- 2.24.0