Date:      Tue, 25 Oct 2022 21:52:16 +0000
From:      bugzilla-noreply@freebsd.org
To:        standards@FreeBSD.org
Subject:   [Bug 267282] [PATCH] strfmon: Attempt to fix some strfmon(3) bugs
Message-ID:  <bug-267282-99-LsKQRL6Mab@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-267282-99@https.bugs.freebsd.org/bugzilla/>
References:  <bug-267282-99@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=267282

--- Comment #8 from commit-hook@FreeBSD.org ---
A commit in branch main references this bug:

URL:
https://cgit.FreeBSD.org/src/commit/?id=9e03b903e377c75a60cbbb89ed78955769a1c804

commit 9e03b903e377c75a60cbbb89ed78955769a1c804
Author:     Jose Luis Duran <jlduran@gmail.com>
AuthorDate: 2022-10-13 15:51:27 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2022-10-25 21:40:17 +0000

    strfmon: Avoid an out-of-bounds access

    Avoid an out-of-bounds access when trying to set the space_char using an
    international currency format (%i) and the C/POSIX locale.

    The current code tries to read the SPACE from int_curr_symbol[3]:

        currency_symbol = strdup(lc->int_curr_symbol);
        space_char = *(currency_symbol+3);

    But on C/POSIX locales, int_curr_symbol is empty.

    Three implementations have been examined: NetBSD[1], Darwin[2], and
    Illumos[3].  Only NetBSD has fixed it[4].

    Darwin and NetBSD also trim the mandatory final SPACE character after
    reading it.

        Locale         Format    Darwin/NetBSD    FreeBSD/Illumos
        en_US.UTF-8    [%i]      [USD123.45]      [USD 123.45]
        fr_FR.UTF-8    [%i]      [123,45 EUR]     [123,45 EUR ]

    This commit only fixes the out-of-bounds access.

    [1]: https://github.com/NetBSD/src/blob/trunk/lib/libc/stdlib/strfmon.c
    [2]: https://opensource.apple.com/source/Libc/Libc-1439.141.1/stdlib/NetBSD/strfmon.c.auto.html
    [3]: https://github.com/illumos/illumos-gate/blob/master/usr/src/lib/libc/port/locale/strfmon.c
    [4]: https://github.com/NetBSD/src/commit/3d7b5d498aa9609f2bc9ece9c734c5f493a8e239

    Reviewed by:    kib
    PR:     267282
    Github PR:      #619
    MFC after:      1 week

 lib/libc/stdlib/strfmon.c            | 5 +++--
 lib/libc/tests/stdlib/strfmon_test.c | 2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)

-- 
You are receiving this mail because:
You are the assignee for the bug.
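
The out-of-bounds read described in the commit message above, shown with a length check in front of the index; this is an added example, not part of the original e-mail and not FreeBSD's code. The helper names `intl_separator` and `intl_code`, the fallback separator and the sample strings are assumptions made for illustration.

```c
#include <locale.h>
#include <stdio.h>
#include <string.h>

/*
 * Hypothetical helper, not FreeBSD's code. Returns the separator kept at
 * int_curr_symbol[3], or `fallback` when the string has no fourth character.
 */
static char
intl_separator(const char *sym, char fallback)
{
	/* Index 3 is inside the string only when its length is at least 4. */
	if (sym == NULL || strlen(sym) < 4)
		return (fallback);
	return (sym[3]);
}

/* Copies at most the three-letter ISO 4217 code into out; returns its length. */
static size_t
intl_code(const char *sym, char out[4])
{
	size_t n = 0;

	while (sym != NULL && n < 3 && sym[n] != '\0') {
		out[n] = sym[n];
		n++;
	}
	out[n] = '\0';
	return (n);
}

int
main(void)
{
	/* Constructed samples: a full symbol, the empty C/POSIX one, a short one. */
	const char *samples[] = { "USD ", "", "EU" };
	char code[4];

	setlocale(LC_ALL, "C");
	printf("C locale: sep='%c'\n",
	    intl_separator(localeconv()->int_curr_symbol, ' '));
	for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
		size_t n = intl_code(samples[i], code);
		printf("\"%s\": code=\"%s\" (%zu) sep='%c'\n", samples[i], code,
		    n, intl_separator(samples[i], ' '));
	}
	return (0);
}
```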
