lineedit: fix SEGV in isk, hexedit, ed, closes 11661

fdisk, hexedit and ed calls read_line_edit in libbb/lineedit.c with NULL as first argument. On line 2373 of lineedit.c of busybox version 1.29.3, state->hist_file is referenced without checking the state->flag. This causes segmentation fault on fdisk, hexedit and ed on ARM Cortex-A9. It somehow works on x86_64. Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
author: Denys Vlasenko 2019-02-04 16:16:30 +0100
committer: Denys Vlasenko 2019-02-14 14:40:57 +0100
commit: d7a622b57231d4e9097c790650859aa9f7364581 (patch)
tree: bc024c4c9eeab2ae9758ea30c4d9e3245940649d /libbb/lineedit.c
parent: 256ee622249830d102c58edccf893104a4a34037 (diff)
download: busybox-d7a622b57231d4e9097c790650859aa9f7364581.zip
busybox-d7a622b57231d4e9097c790650859aa9f7364581.tar.gz
1 files changed, 5 insertions, 4 deletions
diff --git a/libbb/lineedit.c b/libbb/lineedit.c
index 0a888fa..1d5fef5 100644
--- a/libbb/lineedit.c
+++ b/libbb/lineedit.c
@@ -2383,13 +2383,14 @@ int FAST_FUNC read_line_input(line_input_t *st, const char *prompt, char *comman
 		timeout = st->timeout;
 	}
 #if MAX_HISTORY > 0
+	if (state->flags & DO_HISTORY) {
 # if ENABLE_FEATURE_EDITING_SAVEHISTORY
-	if (state->hist_file)
-		if (state->cnt_history == 0)
-			load_history(state);
+		if (state->hist_file)
+			if (state->cnt_history == 0)
+				load_history(state);
 # endif
-	if (state->flags & DO_HISTORY)
 		state->cur_history = state->cnt_history;
+	}
 #endif
 
 	/* prepare before init handlers */
author	Denys Vlasenko	2019-02-04 16:16:30 +0100
committer	Denys Vlasenko	2019-02-14 14:40:57 +0100
commit	d7a622b57231d4e9097c790650859aa9f7364581 (patch)
tree	bc024c4c9eeab2ae9758ea30c4d9e3245940649d /libbb/lineedit.c
parent	256ee622249830d102c58edccf893104a4a34037 (diff)
download	busybox-d7a622b57231d4e9097c790650859aa9f7364581.zip busybox-d7a622b57231d4e9097c790650859aa9f7364581.tar.gz