From 46ceb01c2492954e9111f2e8af1ce1534be04938 Mon Sep 17 00:00:00 2001
From: Thierry FOURNIER
Date: Tue, 21 Jan 2014 10:59:24 +0100
Subject: [PATCH] BUG/MEDIUM: pattern: Segfault in binary parser
The functions pat_parse_* must return 0 if fail and the number of elements eated from **text if not fail. The function pat_parse_bin() returns 0 or the length parsed. This causes a segfault. I just apply the double operator "!" on the result of the function pat_parse_bin() and the return value value match the expected value.
---
 src/pattern.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/pattern.c b/src/pattern.c
index 38b1383..b053201 100644
--- a/src/pattern.c
+++ b/src/pattern.c
@@ -445,12 +445,18 @@ int pat_parse_bin(const char **text, struct pattern *pattern, enum pat_usage usa
 pattern->expect_type = SMP_T_CBIN;
 if (usage == PAT_U_COMPILE)
- return parse_binary(*text, &pattern->ptr.str, &pattern->len, err);
+ /* If the parse_binary fails, it returns 0. In succes case, it returns
+ * the length of the arsed binary content. The function pat_parse_*
+ * must return 0 if fail and the number of elements eated from **text
+ * if not fail. In succes case, this function eat always 1 elements.
+ * The double operator "!" converts the range "1-n" to "1".
+ */
+ return !!parse_binary(*text, &pattern->ptr.str, &pattern->len, err);
 trash = get_trash_chunk();
 pattern->len = trash->size;
 pattern->ptr.str = trash->str;
- return parse_binary(*text, &pattern->ptr.str, &pattern->len, err);
+ return !!parse_binary(*text, &pattern->ptr.str, &pattern->len, err);
 }
 /* Parse and concatenate all further strings into one. */
--
1.7.10.4
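Review bot: The return-value contract this fix depends on is documented only inside the unbraced `if (usage == PAT_U_COMPILE)` branch, and the second `return !!parse_binary(...)` at the end of the function has no explanation at all. The caller is outside this hunk, but per the commit message it treats the result as a count of elements consumed from `**text`, so a byte length leaking through presumably moves it past the end of its arguments. The rule therefore belongs in the comment above `pat_parse_bin()`, where it covers both returns, e.g. `/* Returns 0 on failure, otherwise the number of elements consumed from **text (always 1 here); parse_binary() returns a byte length, hence the "!!". */`. With a seven-line comment now sitting between the `if` and its single statement, I would also put braces around that branch. The function starts outside the hunk, and whether the other pat_parse_* functions have the same length-versus-count mismatch cannot be told from here.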