substr: fix buffer overflow with utf-8 strings

We need to use u8_strlen(), not strlen(), to compute the length.
Otherwise, there may be an out of bounds write when writing the NUL
terminator to set the length of the substring.
https://github.com/onetrueawk/awk/pull/205

diff --git a/usr.bin/awk/run.c b/usr.bin/awk/run.c
index 1c1b72c..6e72ec1 100644 (file)
--- a/usr.bin/awk/run.c
+++ b/usr.bin/awk/run.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: run.c,v 1.79 2023/10/06 22:29:24 millert Exp $        */
+/*     $OpenBSD: run.c,v 1.80 2023/10/28 22:38:22 millert Exp $        */
 /****************************************************************
 Copyright (C) Lucent Technologies 1997
 All Rights Reserved
@@ -986,7 +986,7 @@ Cell *substr(Node **a, int nnn)             /* substr(a[0], a[1], a[2]) */
        if (a[2] != NULL)
                z = execute(a[2]);
        s = getsval(x);
-       k = strlen(s) + 1;
+       k = u8_strlen(s) + 1;
        if (k <= 1) {
                tempfree(x);
                tempfree(y);