diff options
| author | Todd C. Miller <millert@cvs.openbsd.org> | 2023-05-07 13:43:14 +0000 |
|---|---|---|
| committer | Todd C. Miller <millert@cvs.openbsd.org> | 2023-05-07 13:43:14 +0000 |
| commit | fa3af9f4d9b7c47a5daae99011451ae34c0df378 (patch) | |
| tree | 3a6d1738b8ca28908b1ce2e09b4393ae5cf26593 /usr.sbin/cron/entry.c | |
| parent | 3a3f8173ec8ca5692d93da555af4e6d0a1cd47f7 (diff) | |
cron: check for garbage after the '~' in a random range.
A bug in the parsing of the optional number after the '~' in a
random range prevented proper syntax checking. OK kn@
Diffstat (limited to 'usr.sbin/cron/entry.c')
| -rw-r--r-- | usr.sbin/cron/entry.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/usr.sbin/cron/entry.c b/usr.sbin/cron/entry.c index 0fc853edbd9..0d7a8526dfd 100644 --- a/usr.sbin/cron/entry.c +++ b/usr.sbin/cron/entry.c @@ -1,4 +1,4 @@ -/* $OpenBSD: entry.c,v 1.54 2023/05/06 23:06:27 millert Exp $ */ +/* $OpenBSD: entry.c,v 1.55 2023/05/07 13:43:13 millert Exp $ */ /* * Copyright 1988,1990,1993,1994 by Paul Vixie @@ -499,8 +499,15 @@ get_range(bitstr_t *bits, int low, int high, const char *names[], /* get the (optional) number following the tilde */ ch = get_number(&num2, low, names, ch, file, "/, \t\n"); - if (ch == EOF) + if (ch == EOF) { + /* no second number, check for valid terminator + */ ch = get_char(file); + if (!strchr("/, \t\n", ch)) { + unget_char(ch, file); + return (EOF); + } + } if (ch == EOF || num1 > num2) { unget_char(ch, file); return (EOF); |