authorHans Petter Jansson <hpj@cl.no>2016-02-29 01:50:14 +0100
committerHans Petter Jansson <hpj@cl.no>2016-02-29 01:50:14 +0100
commitcddcd6612b66cb3963920b5f2734850a217d7020 (patch)
tree468812b60904c584f07631b590b8f631fa3964e1
parentbe0c630a19aa1788ef731def911770ce497d6ba3 (diff)
downloaddesktop-file-utils-cddcd6612b66cb3963920b5f2734850a217d7020.tar.gz
validate: Fix buffer over-read on incomplete escape sequence.
https://bugs.freedesktop.org/show_bug.cgi?id=94303
-rw-r--r--src/validate.c10
1 files changed, 10 insertions, 0 deletions
diff --git a/src/validate.c b/src/validate.c
index b4b752e..7403c18 100644
--- a/src/validate.c
+++ b/src/validate.c
@@ -1225,6 +1225,16 @@ handle_exec_key (kf_validator *kf,
break;
case '\\':
PRINT_INVALID_IF_FLAG;
+
+ /* Escape character immediately followed by \0? */
+ if (*(c + 1) == '\0') {
+ print_fatal (kf, "value \"%s\" for key \"%s\" in group \"%s\" "
+ "ends in an incomplete escape sequence\n",
+ value, locale_key, kf->current_group);
+ retval = FALSE;
+ break;
+ }
+
c++;
if (*c == '\\' && in_quote)
escaped = !escaped;
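Review bot: The comment on the new guard in the `case '\\'` arm says what is tested but not why it matters. The `c++` just below consumes the character after the backslash, and if that character is the terminator, any further advance by the enclosing scan (presumably a loop increment, which lies outside this hunk) would move `c` past the end of `value`. I would spell that out, for example `/* Trailing backslash: the c++ below would land on the NUL and the scan would then read past the end of value. */`. Note also that `break` here leaves only the `switch`, so the fix relies on the surrounding code stopping at the terminator; handle_exec_key starts and ends outside the hunk, so that cannot be confirmed from here. Any other arm of this switch that advances `c` on its own would need the same guard.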