From ec12007a9b0c048e304715cbe07b13338cbfac11 Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Wed, 14 Aug 2019 11:46:14 -0400 Subject: Don't skip past zero byte in profile parsing In parse_quoted_string(), only process an escape sequence if there is a second character after the backlash, to avoid reading past the terminating zero byte. Reported by Lutz Justen. (cherry picked from commit a449bfc16c32019fec8b4deea963a3e474b0d14d) ticket: 8825 version_fixed: 1.17.1 --- src/util/profile/prof_parse.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/util/profile/prof_parse.c b/src/util/profile/prof_parse.c index 531e4a0..7ba44ac 100644 --- a/src/util/profile/prof_parse.c +++ b/src/util/profile/prof_parse.c @@ -48,7 +48,7 @@ static void parse_quoted_string(char *str) char *to, *from; for (to = from = str; *from && *from != '"'; to++, from++) { - if (*from == '\\') { + if (*from == '\\' && *(from + 1) != '\0') { from++; switch (*from) { case 'n': -- cgit v1.1