Fix segmentation fault on invalid add argument. (!3) · Merge requests · xorg / app / xauth

Tobias Stoeckmann requested to merge tstoeckmann/xauth:quote into master May 03, 2020

The hex key supplied with an add command can be quoted, in which case the quotation marks are removed.

The check itself makes sure that a given string starts with a double quotation mark and ends with a double quotation mark.

Buf if only " is supplied, the code crashes because it subtracts 2 from the length (which is 1) and therefore copies too much memory into a 0 allocated memory area.

Proof of concept:

$ xauth add :0 0 "

Admin message

Fix segmentation fault on invalid add argument.

Merge request reports