patch 9.1.0404: [security] xxd: buffer-overflow with specific flags
Problem: [security] xxd: buffer-overflow with specific flags
Solution: Correctly calculate the required buffer space
(Lennard Hofmann)
xxd writes each output line into a global buffer before printing.
The maximum size of that buffer was not calculated correctly.
This command was crashing in AddressSanitizer:
$ xxd -Ralways -g1 -c256 -d -o 9223372036854775808 /etc/passwd
This prints a line of 6680 bytes but the buffer only had room for 6549 bytes.
If the output from "-b" was colored, the line could be even longer.
closes: #14738
Co-authored-by: K.Takata <kentkt@csc.jp>
Signed-off-by: Lennard Hofmann <lennard.hofmann@web.de>
Signed-off-by: Christian Brabandt <cb@256bit.org>
diff --git a/runtime/doc/xxd.1 b/runtime/doc/xxd.1
index f5a7c65..c76f89b 100644
--- a/runtime/doc/xxd.1
+++ b/runtime/doc/xxd.1
@@ -75,6 +75,9 @@
.IR \-C " | " \-capitalize
Capitalize variable names in C include file style, when using \-i.
.TP
+.I \-d
+show offset in decimal instead of hex.
+.TP
.IR \-E " | " \-EBCDIC
Change the character encoding in the righthand column from ASCII to EBCDIC.
This does not change the hexadecimal representation. The option is
@@ -138,12 +141,12 @@
to read a bits dump instead of a hex dump.
.TP
.IR \-R " " when
-In output the hex-value and the value are both colored with the same color
+In the output the hex-value and the value are both colored with the same color
depending on the hex-value. Mostly helping to differentiate printable and
non-printable characters.
.I \fIwhen\fP
is
-.BR never ", " always ", or " auto .
+.BR never ", " always ", or " auto " (default: auto).
When the
.BR $NO_COLOR
environment variable is set, colorization will be disabled.