From 8430b9b88426eb3c273b02a2d9505d839913317c Mon Sep 17 00:00:00 2001
From: Karel Zak <kzak@redhat.com>
Date: Tue, 25 Oct 2016 13:41:10 +0200
Subject: [PATCH] libfdisk: make script token parser more robust

* make sure token is terminated
* skip closing quotes
* allow extra space after quotes and before terminater
* skip extra space after terminater

Addresses: https://github.com/karelzak/util-linux/issues/367
Signed-off-by: Karel Zak <kzak@redhat.com>
---
 libfdisk/src/script.c | 32 +++++++++++++++++++++++++++++---
 1 file changed, 29 insertions(+), 3 deletions(-)

diff --git a/libfdisk/src/script.c b/libfdisk/src/script.c
index 4c1f9c7b9..54621ae28 100644
--- a/libfdisk/src/script.c
+++ b/libfdisk/src/script.c
@@ -736,7 +736,7 @@ static char *next_token(char **str)
 	     *tk_end = NULL,
 	     *end = NULL,
 	     *p;
-	int open_quote = 0;
+	int open_quote = 0, terminated = 0;
 
 	for (p = *str; p && *p; p++) {
 		if (!tk_begin) {
@@ -758,10 +758,36 @@ static char *next_token(char **str)
 
 	if (!tk_end)
 		return NULL;
-	end = isblank(*tk_end) ? (char *) skip_blank(tk_end) : tk_end;
-	if (*end == ',' || *end == ';')
+
+	end = tk_end;
+
+	/* skip closing quotes */
+	if (*end == '"')
 		end++;
 
+	/* token is terminated by blank (or blank is before "," or ";") */
+	if (isblank(*end)) {
+		end = (char *) skip_blank(end);
+		terminated++;
+	}
+
+	/* token is terminated by "," or ";" */
+	if (*end == ',' || *end == ';') {
+		end++;
+		terminated++;
+
+	/* token is terminated by \0 */
+	} else if (!*end)
+		terminated++;
+
+	if (!terminated) {
+		DBG(SCRIPT, ul_debug("unterminated token '%s'", end));
+		return NULL;
+	}
+
+	/* skip extra space after terminator */
+	end = (char *) skip_blank(end);
+
 	*tk_end = '\0';
 	*str = end;
 	return tk_begin;