Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/usr.bin/xlint/lint1 lint: fix segmentation fault for malform...



details:   https://anonhg.NetBSD.org/src/rev/4235ffc0e84b
branches:  trunk
changeset: 379799:4235ffc0e84b
user:      rillig <rillig%NetBSD.org@localhost>
date:      Sun Jun 20 11:00:18 2021 +0000

description:
lint: fix segmentation fault for malformed struct

Code to trigger this bug: struct{char a(_)0}

Found using afl.

diffstat:

 usr.bin/xlint/lint1/decl.c |  5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diffs (26 lines):

diff -r 065096b09e3b -r 4235ffc0e84b usr.bin/xlint/lint1/decl.c
--- a/usr.bin/xlint/lint1/decl.c        Sun Jun 20 10:38:54 2021 +0000
+++ b/usr.bin/xlint/lint1/decl.c        Sun Jun 20 11:00:18 2021 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: decl.c,v 1.186 2021/06/19 15:51:11 rillig Exp $ */
+/* $NetBSD: decl.c,v 1.187 2021/06/20 11:00:18 rillig Exp $ */
 
 /*
  * Copyright (c) 1996 Christopher G. Demetriou.  All Rights Reserved.
@@ -38,7 +38,7 @@
 
 #include <sys/cdefs.h>
 #if defined(__RCSID) && !defined(lint)
-__RCSID("$NetBSD: decl.c,v 1.186 2021/06/19 15:51:11 rillig Exp $");
+__RCSID("$NetBSD: decl.c,v 1.187 2021/06/20 11:00:18 rillig Exp $");
 #endif
 
 #include <sys/param.h>
@@ -198,6 +198,7 @@ setcomplete(type_t *tp, bool complete)
 {
        tspec_t t;
 
+       lint_assert(tp != NULL);
        if ((t = tp->t_tspec) == ARRAY) {
                tp->t_incomplete_array = !complete;
        } else if (t == STRUCT || t == UNION) {



Home | Main Index | Thread Index | Old Index