[devel] [PATCH for apt 23/38] Fortify ParseQuoteWord function
Aleksei Nikiforov
darktemplar at altlinux.org
Tue Dec 10 18:23:28 MSK 2019
If some IPv6 address is used in format addr%interface, like ::1%lo or ::1%eth0,
it's not interpreted as a URL-encoded string, since characters following %
are not valid hex digits.
---
apt/apt-pkg/contrib/strutl.cc | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/apt/apt-pkg/contrib/strutl.cc b/apt/apt-pkg/contrib/strutl.cc
index c07e65c..4d5025a 100644
--- a/apt/apt-pkg/contrib/strutl.cc
+++ b/apt/apt-pkg/contrib/strutl.cc
@@ -130,7 +130,8 @@ bool ParseQuoteWord(const char *&String,string &Res)
char *I;
for (I = Buffer; I < Buffer + sizeof(Buffer) && Start != C; I++)
{
- if (*Start == '%' && Start + 2 < C)
+ if ((*Start == '%') && (Start + 2 < C) &&
+ isxdigit(Start[1]) && isxdigit(Start[2]))
{
Tmp[0] = Start[1];
Tmp[1] = Start[2];
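Review bot: the two new isxdigit() calls in the condition take Start[1] and Start[2] as plain char. Where char is signed, an input byte above 0x7F reaches isxdigit() as a negative value, which is undefined behaviour for the <cctype> functions. Cast both arguments, e.g. isxdigit((unsigned char)Start[1]). A short comment above the check, saying that a '%' not followed by two hex digits is copied through literally (the ::1%lo case from the commit message), would also make the intent clear to the next reader.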
--
2.24.0