From owner-svn-src-all@FreeBSD.ORG Fri Jan 23 18:42:06 2015 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9BFFD1EF; Fri, 23 Jan 2015 18:42:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 866D7ED6; Fri, 23 Jan 2015 18:42:06 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t0NIg68f029939; Fri, 23 Jan 2015 18:42:06 GMT (envelope-from delphij@FreeBSD.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t0NIg6hl029936; Fri, 23 Jan 2015 18:42:06 GMT (envelope-from delphij@FreeBSD.org) Message-Id: <201501231842.t0NIg6hl029936@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: delphij set sender to delphij@FreeBSD.org using -f From: Xin LI Date: Fri, 23 Jan 2015 18:42:06 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r277590 - stable/10/usr.bin/seq X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Jan 2015 18:42:06 -0000 Author: delphij Date: Fri Jan 23 18:42:05 2015 New Revision: 277590 URL: https://svnweb.freebsd.org/changeset/base/277590 Log: MFC r275918: Sync with NetBSD, mainly address NetBSD bug #43355: Fix valid_format() to be more careful about allowing only valid printf formats. Obtained from: NetBSD Modified: stable/10/usr.bin/seq/seq.1 stable/10/usr.bin/seq/seq.c Directory Properties: stable/10/ (props changed) Modified: stable/10/usr.bin/seq/seq.1 ============================================================================== --- stable/10/usr.bin/seq/seq.1 Fri Jan 23 18:40:47 2015 (r277589) +++ stable/10/usr.bin/seq/seq.1 Fri Jan 23 18:42:05 2015 (r277590) @@ -1,4 +1,4 @@ -.\" $NetBSD: seq.1,v 1.6 2008/11/26 15:03:47 ginsbach Exp $ +.\" $NetBSD: seq.1,v 1.8 2013/04/07 17:37:45 jdf Exp $ .\" .\" Copyright (c) 2005 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -29,7 +29,7 @@ .\" .\" $FreeBSD$ .\" -.Dd February 19, 2010 +.Dd September 10, 2013 .Dt SEQ 1 .Os .Sh NAME @@ -59,7 +59,7 @@ as possible, in increments of When .Ar first is larger than -.Ar last +.Ar last , the default .Ar incr is -1. @@ -79,8 +79,11 @@ style .Ar format to print each number. Only the +.Cm A , +.Cm a , .Cm E , .Cm e , +.Cm F , .Cm f , .Cm G , .Cm g , Modified: stable/10/usr.bin/seq/seq.c ============================================================================== --- stable/10/usr.bin/seq/seq.c Fri Jan 23 18:40:47 2015 (r277589) +++ stable/10/usr.bin/seq/seq.c Fri Jan 23 18:42:05 2015 (r277590) @@ -1,4 +1,4 @@ -/* $NetBSD: seq.c,v 1.5 2008/07/21 14:19:26 lukem Exp $ */ +/* $NetBSD: seq.c,v 1.7 2010/05/27 08:40:19 dholland Exp $ */ /* * Copyright (c) 2005 The NetBSD Foundation, Inc. * All rights reserved. @@ -158,6 +158,8 @@ main(int argc, char *argv[]) if (!valid_format(fmt)) errx(1, "invalid format string: `%s'", fmt); fmt = unescape(fmt); + if (!valid_format(fmt)) + errx(1, "invalid format string"); /* * XXX to be bug for bug compatible with Plan 9 add a * newline if none found at the end of the format string. @@ -225,39 +227,56 @@ numeric(const char *s) static int valid_format(const char *fmt) { - int conversions = 0; + unsigned conversions = 0; while (*fmt != '\0') { /* scan for conversions */ - if (*fmt != '\0' && *fmt != '%') { - do { - fmt++; - } while (*fmt != '\0' && *fmt != '%'); + if (*fmt != '%') { + fmt++; + continue; } - /* scan a conversion */ - if (*fmt != '\0') { - do { - fmt++; + fmt++; - /* ok %% */ - if (*fmt == '%') { - fmt++; - break; - } - /* valid conversions */ - if (strchr("eEfgG", *fmt) && - conversions++ < 1) { - fmt++; - break; - } - /* flags, width and precision */ - if (isdigit((unsigned char)*fmt) || - strchr("+- 0#.", *fmt)) - continue; + /* allow %% but not things like %10% */ + if (*fmt == '%') { + fmt++; + continue; + } - /* oops! bad conversion format! */ - return (0); - } while (*fmt != '\0'); + /* flags */ + while (*fmt != '\0' && strchr("#0- +'", *fmt)) { + fmt++; + } + + /* field width */ + while (*fmt != '\0' && strchr("0123456789", *fmt)) { + fmt++; + } + + /* precision */ + if (*fmt == '.') { + fmt++; + while (*fmt != '\0' && strchr("0123456789", *fmt)) { + fmt++; + } + } + + /* conversion */ + switch (*fmt) { + case 'A': + case 'a': + case 'E': + case 'e': + case 'F': + case 'f': + case 'G': + case 'g': + /* floating point formats are accepted */ + conversions++; + break; + default: + /* anything else is not */ + return 0; } }