diff options
author | Karl Williamson <khw@cpan.org> | 2019-12-07 13:47:05 -0700 |
---|---|---|
committer | Karl Williamson <khw@cpan.org> | 2019-12-18 09:33:09 -0700 |
commit | 4aada8b9eda25f3f024283c0c27c1424b5ba40ff (patch) | |
tree | 2c0ded2d593e998be054336ebf9648e4e18877fb /os2 | |
parent | fcafb10c71dbfc03eacb02eeb0c567facc269a72 (diff) | |
download | perl-4aada8b9eda25f3f024283c0c27c1424b5ba40ff.tar.gz |
Add memCHRs() macro and use it
This replaces strchr("list", c) calls throughout the core. They don't
work properly when 'c' is a NUL, returning the position of the
terminating NUL in "list" instead of failure. This could lead to
segfaults or even security issues.
Diffstat (limited to 'os2')
-rw-r--r-- | os2/dl_os2.c | 2 | ||||
-rw-r--r-- | os2/os2.c | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/os2/dl_os2.c b/os2/dl_os2.c index 76fa9dc42d..f15c465f62 100644 --- a/os2/dl_os2.c +++ b/os2/dl_os2.c @@ -121,7 +121,7 @@ dlopen(const char *path, int mode) /* Not found. Check for non-FAT name and try truncated name. */ /* Don't know if this helps though... */ for (beg = dot = path + strlen(path); - beg > path && !strchr(":/\\", *(beg-1)); + beg > path && !memCHRs(":/\\", *(beg-1)); beg--) if (*beg == '.') dot = beg; @@ -1400,7 +1400,7 @@ do_spawn3(pTHX_ char *cmd, int execf, int flag) goto doshell; for (s = cmd; *s; s++) { - if (*s != ' ' && !isALPHA(*s) && strchr("$&*(){}[]'\";\\|?<>~`\n",*s)) { + if (*s != ' ' && !isALPHA(*s) && memCHRs("$&*(){}[]'\";\\|?<>~`\n",*s)) { if (*s == '\n' && s[1] == '\0') { *s = '\0'; break; |