authorHerbert Xu <herbert@gondor.apana.org.au>2023-01-03 17:51:18 +0800
committerHerbert Xu <herbert@gondor.apana.org.au>2023-01-08 20:03:08 +0800
commitb4ecd84eb4048522648bc16920d3615cb243a6bf (patch)
tree43708b2832cf97e6526d15496ca9206d37a29895
parent44ae22beedf8a3d68bbfa1d065ad677182372de2 (diff)
downloaddash-b4ecd84eb4048522648bc16920d3615cb243a6bf.tar.gz
var: Do not add 1 to return value of strchrnul
When a variable like OPTIND is unset dash may call the action function with a bogus pointer because it tries to add one to the return value of strchrnul unconditionally. Use strchr and nullstr instead. Link: https://bugs.debian.org/985478 Reported-by: наб <nabijaczleweli@nabijaczleweli.xyz> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-rw-r--r--src/var.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/src/var.c b/src/var.c
index ef9c2bd..b70d72c 100644
--- a/src/var.c
+++ b/src/var.c
@@ -154,6 +154,10 @@ RESET {
}
#endif
+static char *varnull(const char *s)
+{
+ return (strchr(s, '=') ?: nullstr - 1) + 1;
+}
/*
* This routine initializes the builtin variables. It is called when the
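Review bot: In `varnull`, `nullstr - 1` forms a pointer one element before the start of `nullstr`, which the C standard leaves undefined even though the `+ 1` brings it back before any dereference; the `?:` with an omitted middle operand is also a GNU extension rather than standard C. A plain form avoids both: `char *p = strchr(s, '=');` followed by `return p ? p + 1 : nullstr;` (assuming `nullstr` is a `char` array or pointer, as its use here suggests). The helper would also benefit from a short comment such as `/* Return the value part of "name=value", or the empty string if there is no '='. */`, so that the call sites in `setvareq` and `poplocalvars` are not later reverted to `strchrnul(...) + 1`, which points one past the terminator when the variable is unset.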
@@ -266,7 +270,7 @@ struct var *setvareq(char *s, int flags)
goto out;
if (vp->func && (flags & VNOFUNC) == 0)
- (*vp->func)(strchrnul(s, '=') + 1);
+ (*vp->func)(varnull(s));
if ((vp->flags & (VTEXTFIXED|VSTACK)) == 0)
ckfree(vp->text);
@@ -531,7 +535,7 @@ poplocalvars(void)
unsetvar(vp->text);
} else {
if (vp->func)
- (*vp->func)(strchrnul(lvp->text, '=') + 1);
+ (*vp->func)(varnull(lvp->text));
if ((vp->flags & (VTEXTFIXED|VSTACK)) == 0)
ckfree(vp->text);
vp->flags = lvp->flags;