From nobody@FreeBSD.org  Sun Mar 14 00:11:44 2010
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 26CF31065670
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 14 Mar 2010 00:11:44 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id F02858FC13
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 14 Mar 2010 00:11:43 +0000 (UTC)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.3/8.14.3) with ESMTP id o2E0BhAJ077171
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 14 Mar 2010 00:11:43 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.3/8.14.3/Submit) id o2E0Bg8G077170;
	Sun, 14 Mar 2010 00:11:42 GMT
	(envelope-from nobody)
Message-Id: <201003140011.o2E0Bg8G077170@www.freebsd.org>
Date: Sun, 14 Mar 2010 00:11:42 GMT
From: Garrett Cooper <yaneurabeya@gmail.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: [patch] port over character escape fix for hexdump in NetBSD PR # 28157
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         144722
>Category:       bin
>Synopsis:       [patch] port over character escape fix for hexdump(1) in NetBSD PR # 28157
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    tijl
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Mar 14 00:20:02 UTC 2010
>Closed-Date:    Mon Feb 13 11:42:37 CET 2012
>Last-Modified:  Sun Feb 03 22:28:17 UTC 2013
>Originator:     Garrett Cooper
>Release:        9-CURRENT
>Organization:
Cisco Systems, Inc.
>Environment:
FreeBSD bayonetta.localdomain 9.0-CURRENT FreeBSD 9.0-CURRENT #2: Thu Mar  4 13:16:39 PST 2010     gcooper@bayonetta.localdomain:/usr/obj/usr/src/sys/BAYONETTA  amd64
>Description:
A number of \\ and \n related escaping bugs are reported in NetBSD PR # 28157 which were fixed quite a while ago in NetBSD's copy of hexdump, but not FreeBSD's copy of hexdump.

The attached patch is a minimal change which merges the fixes present in NetBSD's hexdump with our copy of hexdump (some of the fixes in the patch provided in the NetBSD PR had been orthogonally fixed in our hexdump).
>How-To-Repeat:
% hexdump -e '8/1 "\\x%02x" "\n"' /path/to/some/data
hexdump: %
: bad conversion character 
% hexdump -e '1/1 "\\x%02x"' /path/to/some/data
Segmentation fault (core dumped)
% hexdump -e '1/1 "\nx"' /path/to/some/data
--> many 'n's are output. (instead of 'x's)
>Fix:
See attached patch.

Patch attached with submission follows:

Index: parse.c
===================================================================
--- parse.c	(revision 205137)
+++ parse.c	(working copy)
@@ -259,7 +259,9 @@
 					sokay = NOTOKAY;
 			}
 
-			p2 = p1 + 1;		/* Set end pointer. */
+			p2 = *p1 ? p1 + 1 : p1;	/* Set end pointer -- make sure
+						 * that it's non-NUL/-NULL first
+						 * though. */
 			cs[0] = *p1;		/* Set conversion string. */
 			cs[1] = '\0';
 
@@ -453,13 +455,21 @@
 	char *p2;
 
 	/* alphabetic escape sequences have to be done in place */
-	for (p2 = p1;; ++p1, ++p2) {
-		if (!*p1) {
-			*p2 = *p1;
-			break;
-		}
-		if (*p1 == '\\')
-			switch(*++p1) {
+	for (p2 = p1; *p1; p1++, p2++) {
+		/* 
+		 * Let's take a peak at the next item and see whether or not
+		 * we need to escape the value...
+		 */
+		if (*p1 == '\\') {
+
+			p1++;
+
+			switch(*p1) {
+			/* A standalone `\' */
+			case '\0':
+				*p2 = '\\';
+				*++p2 = '\0';
+				break;
 			case 'a':
 			     /* *p2 = '\a'; */
 				*p2 = '\007';
@@ -486,7 +496,13 @@
 				*p2 = *p1;
 				break;
 			}
+
+		} else {
+			*p2 = *p1;
+		}
+
 	}
+
 }
 
 void


>Release-Note:
>Audit-Trail:

From: Garrett Cooper <yaneurabeya@gmail.com>
To: bug-followup@FreeBSD.org, gcooper@FreeBSD.org
Cc:  
Subject: Re: bin/144722: [patch] port over character escape fix for hexdump in 
	NetBSD PR # 28157
Date: Sat, 13 Mar 2010 16:32:54 -0800

 --001636ed629fcbc0520481b7e746
 Content-Type: text/plain; charset=ISO-8859-1
 
     The modified else statement didn't conform to style(9); fix it.
 Thanks,
 -Garrett
 
 --001636ed629fcbc0520481b7e746
 Content-Type: text/plain; charset=US-ASCII; name="netbsd-pr-28157.port-over.diff.txt"
 Content-Disposition: attachment; 
 	filename="netbsd-pr-28157.port-over.diff.txt"
 Content-Transfer-Encoding: base64
 X-Attachment-Id: f_g6r42gdz0
 
 SW5kZXg6IHBhcnNlLmMKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09
 PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gcGFyc2UuYwkocmV2aXNpb24gMjA1MTM3KQor
 KysgcGFyc2UuYwkod29ya2luZyBjb3B5KQpAQCAtMjU5LDcgKzI1OSw5IEBACiAJCQkJCXNva2F5
 ID0gTk9UT0tBWTsKIAkJCX0KIAotCQkJcDIgPSBwMSArIDE7CQkvKiBTZXQgZW5kIHBvaW50ZXIu
 ICovCisJCQlwMiA9ICpwMSA/IHAxICsgMSA6IHAxOwkvKiBTZXQgZW5kIHBvaW50ZXIgLS0gbWFr
 ZSBzdXJlCisJCQkJCQkgKiB0aGF0IGl0J3Mgbm9uLU5VTC8tTlVMTCBmaXJzdAorCQkJCQkJICog
 dGhvdWdoLiAqLwogCQkJY3NbMF0gPSAqcDE7CQkvKiBTZXQgY29udmVyc2lvbiBzdHJpbmcuICov
 CiAJCQljc1sxXSA9ICdcMCc7CiAKQEAgLTQ1MywxMyArNDU1LDIxIEBACiAJY2hhciAqcDI7CiAK
 IAkvKiBhbHBoYWJldGljIGVzY2FwZSBzZXF1ZW5jZXMgaGF2ZSB0byBiZSBkb25lIGluIHBsYWNl
 ICovCi0JZm9yIChwMiA9IHAxOzsgKytwMSwgKytwMikgewotCQlpZiAoISpwMSkgewotCQkJKnAy
 ID0gKnAxOwotCQkJYnJlYWs7Ci0JCX0KLQkJaWYgKCpwMSA9PSAnXFwnKQotCQkJc3dpdGNoKCor
 K3AxKSB7CisJZm9yIChwMiA9IHAxOyAqcDE7IHAxKyssIHAyKyspIHsKKwkJLyogCisJCSAqIExl
 dCdzIHRha2UgYSBwZWFrIGF0IHRoZSBuZXh0IGl0ZW0gYW5kIHNlZSB3aGV0aGVyIG9yIG5vdAor
 CQkgKiB3ZSBuZWVkIHRvIGVzY2FwZSB0aGUgdmFsdWUuLi4KKwkJICovCisJCWlmICgqcDEgPT0g
 J1xcJykgeworCisJCQlwMSsrOworCisJCQlzd2l0Y2goKnAxKSB7CisJCQkvKiBBIHN0YW5kYWxv
 bmUgYFwnICovCisJCQljYXNlICdcMCc6CisJCQkJKnAyID0gJ1xcJzsKKwkJCQkqKytwMiA9ICdc
 MCc7CisJCQkJYnJlYWs7CiAJCQljYXNlICdhJzoKIAkJCSAgICAgLyogKnAyID0gJ1xhJzsgKi8K
 IAkJCQkqcDIgPSAnXDAwNyc7CkBAIC00ODYsNyArNDk2LDEyIEBACiAJCQkJKnAyID0gKnAxOwog
 CQkJCWJyZWFrOwogCQkJfQorCisJCX0gZWxzZQorCQkJKnAyID0gKnAxOworCiAJfQorCiB9CiAK
 IHZvaWQK
 --001636ed629fcbc0520481b7e746--
Responsible-Changed-From-To: freebsd-bugs->eadler 
Responsible-Changed-By: eadler 
Responsible-Changed-When: Mon Jan 2 15:24:27 UTC 2012 
Responsible-Changed-Why:  
I'll take it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=144722 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/144722: commit references a PR
Date: Sat,  7 Jan 2012 23:15:32 +0000 (UTC)

 Author: eadler (ports committer)
 Date: Sat Jan  7 23:15:21 2012
 New Revision: 229794
 URL: http://svn.freebsd.org/changeset/base/229794
 
 Log:
   - Fix how hexdump parses escape strings
   From the NetBSD bug:
   The way how hexdump(1) parses escape sequences has some bugs.
   It shows up when an escape sequence is used as the non-last character
   of a format string.
   
   PR:		bin/144722
   Submitted by:	gcooper
   Approved by:	rpaulo
   Obtained from:	NetBSD
   MFC after:	1 week
 
 Modified:
   head/usr.bin/hexdump/parse.c
 
 Modified: head/usr.bin/hexdump/parse.c
 ==============================================================================
 --- head/usr.bin/hexdump/parse.c	Sat Jan  7 22:29:46 2012	(r229793)
 +++ head/usr.bin/hexdump/parse.c	Sat Jan  7 23:15:21 2012	(r229794)
 @@ -255,7 +255,9 @@ rewrite(FS *fs)
  					sokay = NOTOKAY;
  			}
  
 -			p2 = p1 + 1;		/* Set end pointer. */
 +			p2 = *p1 ? p1 + 1 : p1;	/* Set end pointer -- make sure
 +						 * that it's non-NUL/-NULL first
 +						 * though. */
  			cs[0] = *p1;		/* Set conversion string. */
  			cs[1] = '\0';
  
 @@ -449,13 +451,21 @@ escape(char *p1)
  	char *p2;
  
  	/* alphabetic escape sequences have to be done in place */
 -	for (p2 = p1;; ++p1, ++p2) {
 -		if (!*p1) {
 -			*p2 = *p1;
 -			break;
 -		}
 -		if (*p1 == '\\')
 -			switch(*++p1) {
 +	for (p2 = p1; *p1; p1++, p2++) {
 +		/* 
 +		 * Let's take a peak at the next item and see whether or not
 +		 * we need to escape the value...
 +		 */
 +		if (*p1 == '\\') {
 +
 +			p1++;
 +
 +			switch(*p1) {
 +			/* A standalone `\' */
 +			case '\0':
 +				*p2 = '\\';
 +				*++p2 = '\0';
 +				break;
  			case 'a':
  			     /* *p2 = '\a'; */
  				*p2 = '\007';
 @@ -482,7 +492,12 @@ escape(char *p1)
  				*p2 = *p1;
  				break;
  			}
 +
 +		} else
 +			*p2 = *p1;
 +
  	}
 +
  }
  
  void
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: open->patched 
State-Changed-By: eadler 
State-Changed-When: Sat Jan 7 23:21:13 UTC 2012 
State-Changed-Why:  
committed in r229794 

http://www.freebsd.org/cgi/query-pr.cgi?pr=144722 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/144722: commit references a PR
Date: Sat, 28 Jan 2012 18:49:19 +0000 (UTC)

 Author: tijl
 Date: Sat Jan 28 18:49:04 2012
 New Revision: 230649
 URL: http://svn.freebsd.org/changeset/base/230649
 
 Log:
   Fix decoding of escape sequences in format strings:
   - Zero-terminate the resulting string by letting the for-loop copy the
     terminating zero.
   - Exit the for-loop after handling a backslash at the end of the format
     string to fix a buffer overrun.
   - Remove some unnecessary comments and blank lines. [1]
   
   Requested by:	bde [1]
   PR:		bin/144722
   Approved by:	kib (mentor)
 
 Modified:
   head/usr.bin/hexdump/parse.c
 
 Modified: head/usr.bin/hexdump/parse.c
 ==============================================================================
 --- head/usr.bin/hexdump/parse.c	Sat Jan 28 18:35:10 2012	(r230648)
 +++ head/usr.bin/hexdump/parse.c	Sat Jan 28 18:49:04 2012	(r230649)
 @@ -451,21 +451,14 @@ escape(char *p1)
  	char *p2;
  
  	/* alphabetic escape sequences have to be done in place */
 -	for (p2 = p1; *p1; p1++, p2++) {
 -		/* 
 -		 * Let's take a peak at the next item and see whether or not
 -		 * we need to escape the value...
 -		 */
 +	for (p2 = p1;; p1++, p2++) {
  		if (*p1 == '\\') {
 -
  			p1++;
 -
  			switch(*p1) {
 -			/* A standalone `\' */
  			case '\0':
  				*p2 = '\\';
  				*++p2 = '\0';
 -				break;
 +				return;
  			case 'a':
  			     /* *p2 = '\a'; */
  				*p2 = '\007';
 @@ -492,12 +485,12 @@ escape(char *p1)
  				*p2 = *p1;
  				break;
  			}
 -
 -		} else
 +		} else {
  			*p2 = *p1;
 -
 +			if (*p1 == '\0')
 +				return;
 +		}
  	}
 -
  }
  
  void
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
Responsible-Changed-From-To: eadler->tijl 
Responsible-Changed-By: eadler 
Responsible-Changed-When: Wed Feb 1 04:49:49 UTC 2012 
Responsible-Changed-Why:  
tijl committed the correct fix 

http://www.freebsd.org/cgi/query-pr.cgi?pr=144722 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/144722: commit references a PR
Date: Mon, 13 Feb 2012 10:24:37 +0000 (UTC)

 Author: tijl
 Date: Mon Feb 13 10:24:22 2012
 New Revision: 231577
 URL: http://svn.freebsd.org/changeset/base/231577
 
 Log:
   MFC r228636:
   
   Correct a logic error in usr.bin/hexdump/conv.c, found by clang.
   
   Whenever the conv_c() function encounters an incomplete multibyte char,
   it peeks ahead.  It also sets p to peekbuf, to indicate it is still
   processing the incomplete character.
   
   However, on the next retry, it compares buf against peekbuf, which
   always returns false, since both buf and peekbuf are local char arrays,
   whose addresses are never the same.
   
   Fix this by comparing against p instead, which was the intention.  Also
   turn peekbuf into an array of u_char, to prevent conversion warnings.
   
   MFC r229794:
   
   - Fix how hexdump parses escape strings
   From the NetBSD bug:
   The way how hexdump(1) parses escape sequences has some bugs.
   It shows up when an escape sequence is used as the non-last character
   of a format string.
   
   MFC r230649:
   
   Fix decoding of escape sequences in format strings:
   - Zero-terminate the resulting string by letting the for-loop copy the
     terminating zero.
   - Exit the for-loop after handling a backslash at the end of the format
     string to fix a buffer overrun.
   - Remove some unnecessary comments and blank lines.
   
   PR:		bin/144722
 
 Modified:
   stable/8/usr.bin/hexdump/conv.c
   stable/8/usr.bin/hexdump/parse.c
 Directory Properties:
   stable/8/usr.bin/hexdump/   (props changed)
 
 Modified: stable/8/usr.bin/hexdump/conv.c
 ==============================================================================
 --- stable/8/usr.bin/hexdump/conv.c	Mon Feb 13 07:47:36 2012	(r231576)
 +++ stable/8/usr.bin/hexdump/conv.c	Mon Feb 13 10:24:22 2012	(r231577)
 @@ -57,7 +57,7 @@ conv_c(PR *pr, u_char *p, size_t bufsize
  	wchar_t wc;
  	size_t clen, oclen;
  	int converr, pad, width;
 -	char peekbuf[MB_LEN_MAX];
 +	u_char peekbuf[MB_LEN_MAX];
  
  	if (pr->mbleft > 0) {
  		str = "**";
 @@ -107,7 +107,7 @@ retry:
  		if (clen == 0)
  			clen = 1;
  		else if (clen == (size_t)-1 || (clen == (size_t)-2 &&
 -		    buf == peekbuf)) {
 +		    p == peekbuf)) {
  			memset(&pr->mbstate, 0, sizeof(pr->mbstate));
  			wc = *p;
  			clen = 1;
 
 Modified: stable/8/usr.bin/hexdump/parse.c
 ==============================================================================
 --- stable/8/usr.bin/hexdump/parse.c	Mon Feb 13 07:47:36 2012	(r231576)
 +++ stable/8/usr.bin/hexdump/parse.c	Mon Feb 13 10:24:22 2012	(r231577)
 @@ -259,7 +259,9 @@ rewrite(FS *fs)
  					sokay = NOTOKAY;
  			}
  
 -			p2 = p1 + 1;		/* Set end pointer. */
 +			p2 = *p1 ? p1 + 1 : p1;	/* Set end pointer -- make sure
 +						 * that it's non-NUL/-NULL first
 +						 * though. */
  			cs[0] = *p1;		/* Set conversion string. */
  			cs[1] = '\0';
  
 @@ -453,13 +455,14 @@ escape(char *p1)
  	char *p2;
  
  	/* alphabetic escape sequences have to be done in place */
 -	for (p2 = p1;; ++p1, ++p2) {
 -		if (!*p1) {
 -			*p2 = *p1;
 -			break;
 -		}
 -		if (*p1 == '\\')
 -			switch(*++p1) {
 +	for (p2 = p1;; p1++, p2++) {
 +		if (*p1 == '\\') {
 +			p1++;
 +			switch(*p1) {
 +			case '\0':
 +				*p2 = '\\';
 +				*++p2 = '\0';
 +				return;
  			case 'a':
  			     /* *p2 = '\a'; */
  				*p2 = '\007';
 @@ -486,6 +489,11 @@ escape(char *p1)
  				*p2 = *p1;
  				break;
  			}
 +		} else {
 +			*p2 = *p1;
 +			if (*p1 == '\0')
 +				return;
 +		}
  	}
  }
  
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/144722: commit references a PR
Date: Mon, 13 Feb 2012 10:25:11 +0000 (UTC)

 Author: tijl
 Date: Mon Feb 13 10:24:49 2012
 New Revision: 231578
 URL: http://svn.freebsd.org/changeset/base/231578
 
 Log:
   MFC r229794:
   
   - Fix how hexdump parses escape strings
   From the NetBSD bug:
   The way how hexdump(1) parses escape sequences has some bugs.
   It shows up when an escape sequence is used as the non-last character
   of a format string.
   
   MFC r230649:
   
   Fix decoding of escape sequences in format strings:
   - Zero-terminate the resulting string by letting the for-loop copy the
     terminating zero.
   - Exit the for-loop after handling a backslash at the end of the format
     string to fix a buffer overrun.
   - Remove some unnecessary comments and blank lines.
   
   PR:		bin/144722
 
 Modified:
   stable/9/usr.bin/hexdump/parse.c
 Directory Properties:
   stable/9/usr.bin/hexdump/   (props changed)
 
 Modified: stable/9/usr.bin/hexdump/parse.c
 ==============================================================================
 --- stable/9/usr.bin/hexdump/parse.c	Mon Feb 13 10:24:22 2012	(r231577)
 +++ stable/9/usr.bin/hexdump/parse.c	Mon Feb 13 10:24:49 2012	(r231578)
 @@ -255,7 +255,9 @@ rewrite(FS *fs)
  					sokay = NOTOKAY;
  			}
  
 -			p2 = p1 + 1;		/* Set end pointer. */
 +			p2 = *p1 ? p1 + 1 : p1;	/* Set end pointer -- make sure
 +						 * that it's non-NUL/-NULL first
 +						 * though. */
  			cs[0] = *p1;		/* Set conversion string. */
  			cs[1] = '\0';
  
 @@ -449,13 +451,14 @@ escape(char *p1)
  	char *p2;
  
  	/* alphabetic escape sequences have to be done in place */
 -	for (p2 = p1;; ++p1, ++p2) {
 -		if (!*p1) {
 -			*p2 = *p1;
 -			break;
 -		}
 -		if (*p1 == '\\')
 -			switch(*++p1) {
 +	for (p2 = p1;; p1++, p2++) {
 +		if (*p1 == '\\') {
 +			p1++;
 +			switch(*p1) {
 +			case '\0':
 +				*p2 = '\\';
 +				*++p2 = '\0';
 +				return;
  			case 'a':
  			     /* *p2 = '\a'; */
  				*p2 = '\007';
 @@ -482,6 +485,11 @@ escape(char *p1)
  				*p2 = *p1;
  				break;
  			}
 +		} else {
 +			*p2 = *p1;
 +			if (*p1 == '\0')
 +				return;
 +		}
  	}
  }
  
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: patched->closed 
State-Changed-By: tijl 
State-Changed-When: Mon Feb 13 11:39:45 CET 2012 
State-Changed-Why:  
MFCed to stable/8 (r231577) and stable/9 (r231578). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=144722 
>Unformatted:
