Shebang without trailing newline causes buffer overflow (segfault) #54

Open
sjoqvist opened this issue Aug 10, 2019 · 0 comments

sjoqvist commented Aug 10, 2019

Given an input file like

#!/usr/bin/env lci

without a trailing newline, the interpreter segfaults.

Expected: An error message instead of a crash.

The reason is the following piece of code, which doesn't check the buffer length while searching for trailing '\n' or '\r'.

lci/main.c

Lines 210 to 215 in 6762b72

    /* Remove hash bang line if run as a standalone script */
    if (buffer[0] == '#' && buffer[1] == '!') {
        unsigned int n;
        for (n = 0; buffer[n] != '\n' && buffer[n] != '\r'; n++)
            buffer[n] = ' ';
    }

(Note that this is a crash that only occurs on malformed input files.)
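A length-bounded version of the loop quoted above, as an added example that is not part of the original issue or of lci's code: the helper name `blank_shebang`, its explicit `len` parameter and the canary harness around it are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not lci's code): blank out a leading "#!" line
 * without reading or writing past `len` bytes. Returns the number of
 * bytes overwritten with spaces (0 if there is no shebang). */
size_t blank_shebang(char *buf, size_t len)
{
    size_t n;

    /* Check the length before touching buf[1]. */
    if (len < 2 || buf[0] != '#' || buf[1] != '!')
        return 0;
    /* Stop at the line terminator OR at the end of the buffer. */
    for (n = 0; n < len && buf[n] != '\n' && buf[n] != '\r'; n++)
        buf[n] = ' ';
    return n;
}

/* Constructed check: copy the input into the middle of a canary-filled
 * region and report whether any byte outside [0, len) was modified.
 * Assumes len <= 48. */
int canary_intact(const char *input, size_t len, size_t *blanked)
{
    char region[64];
    size_t i;

    memset(region, 0x7f, sizeof region);
    memcpy(region + 8, input, len);
    *blanked = blank_shebang(region + 8, len);
    for (i = 0; i < sizeof region; i++)
        if ((i < 8 || i >= 8 + len) && region[i] != 0x7f)
            return 0;
    return 1;
}

int main(void)
{
    /* Constructed input matching the report: shebang, no trailing newline. */
    const char no_newline[] = "#!/usr/bin/env lci";
    size_t blanked;
    int ok = canary_intact(no_newline, sizeof no_newline - 1, &blanked);

    printf("blanked=%zu canary_intact=%d\n", blanked, ok);
    return ok ? 0 : 1;
}
```

With the shebang blanked up to the end of the buffer, the rest of the interpreter sees an otherwise empty program and can report an error instead of crashing.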
