From nobody Tue Oct 25 21:52:16 2022 X-Original-To: standards@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Mxlz46BnFz4g63B for ; Tue, 25 Oct 2022 21:52:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Mxlz40MgBz3jjG for ; Tue, 25 Oct 2022 21:52:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Mxlz36VZdztCS for ; Tue, 25 Oct 2022 21:52:15 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 29PLqFLs073973 for ; Tue, 25 Oct 2022 21:52:15 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 29PLqFPB073972 for standards@FreeBSD.org; Tue, 25 Oct 2022 21:52:15 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: standards@FreeBSD.org Subject: [Bug 267282] [PATCH] strfmon: Attempt to fix some strfmon(3) bugs Date: Tue, 25 Oct 2022 21:52:16 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: standards X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: standards@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Standards compliance List-Archive: https://lists.freebsd.org/archives/freebsd-standards List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-standards@freebsd.org X-BeenThere: freebsd-standards@freebsd.org MIME-Version: 1.0 ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1666734736; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=XGebPHqaq/7g7hWPnMbdrc4/T8ejfRSE68801k2H0rU=; b=q0A7rEwYs+7H8WNdN2JBFSes+q3nHlia+G8jwRqLbqKKgosHefqCFApAVzOrRZp6ZoWm3+ mHzz4P9zRKnhaJ75W+qwsimDnfomHoLg6L4oolmb9jLWNqgNKqN9QnCSQ1CCecLLODwOQv ZBMDevQx8Sc5hq16CXrEeHDym9GCxlNxthfU6mQ5WYsEOeYN7PAU280aykbAGmfydZ3EjY xCPXYyWiANCP6fTb47jpf2e6DkJ31dtGrh7R072ZAr8fIsmpWyGRI0CGjR4gVUd47ezam0 FRSYI4xVQGNjlCFC+D0zf0uaoeW7kC5oB0HSOkVLv6aE++hQHQ4cRjVZbgw9Aw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1666734736; a=rsa-sha256; cv=none; b=dGQj8XqK+tN5bRHwqOUnjcDfkgE6aKEEdlsFzb03uxGbS6D3/QvLI/xYuVWHhBV1GD4vpZ j8VXf+GAnYD7R1Ndlw5IkjjFr1gWaH25TyUdwivwuAxbOzpKy7WLFfiEBVbf4NFv4vr0gz eHa+6ZELr9uL4p9583FMHIQIl3JKdxNGEC0XioLpetvou/PYNmV79vFPiS0nrJmCa1HOmj SaQGTqh/qRyQriwtrQZCtNuRaHI0UtozdzRvCiG0Ws5XyTAz9JM86YENB/8ddC45fIsmIw S3CK3ZLrf47eUdE7bHAwBdFY81/MjSRt1zyQsWzmjNDUDFu+mnKem3AwXMz4vg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D267282 --- Comment #8 from commit-hook@FreeBSD.org --- A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3D9e03b903e377c75a60cbbb89ed7895576= 9a1c804 commit 9e03b903e377c75a60cbbb89ed78955769a1c804 Author: Jose Luis Duran AuthorDate: 2022-10-13 15:51:27 +0000 Commit: Konstantin Belousov CommitDate: 2022-10-25 21:40:17 +0000 strfmon: Avoid an out-of-bounds access Avoid an out-of-bounds access when trying to set the space_char using an international currency format (%i) and the C/POSIX locale. The current code tries to read the SPACE from int_curr_symbol[3]: currency_symbol =3D strdup(lc->int_curr_symbol); space_char =3D *(currency_symbol+3); But on C/POSIX locales, int_curr_symbol is empty. Three implementations have been examined: NetBSD[1], Darwin[2], and Illumos[3]. Only NetBSD has fixed it[4]. Darwin and NetBSD also trim the mandatory final SPACE character after reading it. Locale Format Darwin/NetBSD FreeBSD/Illumos en_US.UTF-8 [%i] [USD123.45] [USD 123.45] fr_FR.UTF-8 [%i] [123,45 EUR] [123,45 EUR ] This commit only fixes the out-of-bounds access. [1]: https://github.com/NetBSD/src/blob/trunk/lib/libc/stdlib/strfmon.c [2]: https://opensource.apple.com/source/Libc/Libc-1439.141.1/stdlib/NetBSD/strf= mon.c.auto.html [3]: https://github.com/illumos/illumos-gate/blob/master/usr/src/lib/libc/port/l= ocale/strfmon.c [4]: https://github.com/NetBSD/src/commit/3d7b5d498aa9609f2bc9ece9c734c5f493a8e2= 39 Reviewed by: kib PR: 267282 Github PR: #619 MFC after: 1 week lib/libc/stdlib/strfmon.c | 5 +++-- lib/libc/tests/stdlib/strfmon_test.c | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.=