From: Christos Zoulas <christos@zoulas.com>
Date: Sat, 12 Sep 2015 18:10:42 +0000 (+0000)
Subject: PR/474: be more careful about updating string positions:
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ad0be95588ae5c6c6549265ec7c280c831ba0cdb;p=file

PR/474: be more careful about updating string positions:
1. if the numeric conversion failed, don't move the string pointer.
2. on escape parse failure restore the string position
---

diff --git a/src/apprentice.c b/src/apprentice.c
index ad87fc03..66f64bd9 100644
--- a/src/apprentice.c
+++ b/src/apprentice.c
@@ -32,7 +32,7 @@
 #include "file.h"
 
 #ifndef	lint
-FILE_RCSID("@(#)$File: apprentice.c,v 1.237 2015/09/11 17:24:09 christos Exp $")
+FILE_RCSID("@(#)$File: apprentice.c,v 1.238 2015/09/12 18:10:42 christos Exp $")
 #endif	/* lint */
 
 #include "magic.h"
@@ -2561,12 +2561,14 @@ getvalue(struct magic_set *ms, struct magic *m, const char **p, int action)
 	case FILE_LEFLOAT:
 		if (m->reln != 'x') {
 			char *ep;
+			errno = 0;
 #ifdef HAVE_STRTOF
 			m->value.f = strtof(*p, &ep);
 #else
 			m->value.f = (float)strtod(*p, &ep);
 #endif
-			*p = ep;
+			if (errno == 0)
+				*p = ep;
 		}
 		return 0;
 	case FILE_DOUBLE:
@@ -2574,17 +2576,22 @@ getvalue(struct magic_set *ms, struct magic *m, const char **p, int action)
 	case FILE_LEDOUBLE:
 		if (m->reln != 'x') {
 			char *ep;
+			errno = 0;
 			m->value.d = strtod(*p, &ep);
-			*p = ep;
+			if (errno == 0)
+				*p = ep;
 		}
 		return 0;
 	default:
 		if (m->reln != 'x') {
 			char *ep;
+			errno = 0;
 			m->value.q = file_signextend(ms, m,
 			    (uint64_t)strtoull(*p, &ep, 0));
-			*p = ep;
-			eatsize(p);
+			if (errno == 0) {
+				*p = ep;
+				eatsize(p);
+			}
 		}
 		return 0;
 	}
@@ -2620,6 +2627,7 @@ getstr(struct magic_set *ms, struct magic *m, const char *s, int warn)
 			case '\0':
 				if (warn)
 					file_magwarn(ms, "incomplete escape");
+				s--;
 				goto out;
 
 			case '\t':