This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] Improve DST handling (Bug 23102, Bug 21942, Bug 18018, Bug, 23259, CVE-2011-0536 ).
- From: Andreas Schwab <schwab at suse dot de>
- To: Carlos O'Donell <carlos at redhat dot com>
- Cc: GNU C Library <libc-alpha at sourceware dot org>, "Dmitry V. Levin" <ldv at altlinux dot org>, Florian Weimer <fweimer at redhat dot com>
- Date: Wed, 06 Jun 2018 18:30:12 +0200
- Subject: Re: [PATCH] Improve DST handling (Bug 23102, Bug 21942, Bug 18018, Bug, 23259, CVE-2011-0536 ).
- References: <9cf43cb6-511c-ec6c-9a87-e89a467238d9@redhat.com> <cce5064a-c6c8-6676-5088-d737b9a7c259@redhat.com>
On Jun 06 2018, Carlos O'Donell <carlos@redhat.com> wrote:
> + /* Find longest valid input sequence. */
> + ilen = 0;
> + while ((input[ilen] >= 'A' && input[ilen] <= 'Z')
> + || (input[ilen] >= 'a' && input[ilen] <= 'z')
> + || (input[ilen] >= '0' && input[ilen] <= '9')
> + || (input[ilen] == '_'))
> + ++ilen;
> +
> + rlen = strlen (ref);
> +
> + /* Can't be the DST we are looking for. */
> + if (rlen != ilen)
> + return 0;
Why do you need that? Just compare, then check the next character.
Andreas.
--
Andreas Schwab, SUSE Labs, schwab@suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE 1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."
- References:
- [PATCH] Improve DST handling (Bug 23102, Bug 21942, Bug 18018, Bug, 23259, CVE-2011-0536 ).
- Re: [PATCH] Improve DST handling (Bug 23102, Bug 21942, Bug 18018, Bug, 23259, CVE-2011-0536 ).