[Bug 11661] New: SegFault on fdisk, hexedit, ed due to read_line_edit dereferencing state->hist_file

bugzilla at busybox.net bugzilla at busybox.net
Sat Feb 2 12:02:02 UTC 2019


https://bugs.busybox.net/show_bug.cgi?id=11661

            Bug ID: 11661
           Summary: SegFault on fdisk, hexedit, ed due to read_line_edit
                    dereferencing state->hist_file
           Product: Busybox
           Version: 1.29.x
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: major
          Priority: P5
         Component: Other
          Assignee: unassigned at busybox.net
          Reporter: xellworks at gmail.com
                CC: busybox-cvs at busybox.net
  Target Milestone: ---

Created attachment 7936
  --> https://bugs.busybox.net/attachment.cgi?id=7936&action=edit
fix suggestion for lineedit.c

fdisk, hexedit and ed calls read_line_edit in libbb/lineedit.c with NULL as
first argument. On line 2373 of lineedit.c of busybox version 1.29.3,
state->hist_file is referenced without checking the state->flag.

This causes segmentation fault on fdisk, hexedit and ed on ARM Cortex-A9.
It somehow works on x86_64.

Attached is a fix suggestion for lineedit.c

-- 
You are receiving this mail because:
You are on the CC list for the bug.


More information about the busybox-cvs mailing list