diff options
author | Hans Petter Jansson <hpj@cl.no> | 2016-02-29 01:50:14 +0100 |
---|---|---|
committer | Hans Petter Jansson <hpj@cl.no> | 2016-02-29 01:50:14 +0100 |
commit | cddcd6612b66cb3963920b5f2734850a217d7020 (patch) | |
tree | 468812b60904c584f07631b590b8f631fa3964e1 | |
parent | be0c630a19aa1788ef731def911770ce497d6ba3 (diff) | |
download | desktop-file-utils-cddcd6612b66cb3963920b5f2734850a217d7020.tar.gz |
validate: Fix buffer over-read on incomplete escape sequence.
https://bugs.freedesktop.org/show_bug.cgi?id=94303
-rw-r--r-- | src/validate.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/src/validate.c b/src/validate.c index b4b752e..7403c18 100644 --- a/src/validate.c +++ b/src/validate.c @@ -1225,6 +1225,16 @@ handle_exec_key (kf_validator *kf, break; case '\\': PRINT_INVALID_IF_FLAG; + + /* Escape character immediately followed by \0? */ + if (*(c + 1) == '\0') { + print_fatal (kf, "value \"%s\" for key \"%s\" in group \"%s\" " + "ends in an incomplete escape sequence\n", + value, locale_key, kf->current_group); + retval = FALSE; + break; + } + c++; if (*c == '\\' && in_quote) escaped = !escaped; |