Re: bin/54069

To: gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,thorpej%me.com@localhost
Subject: Re: bin/54069
From: Ingo Schwarze <schwarze%usta.de@localhost>
Date: Fri, 29 Mar 2019 21:50:01 +0000 (UTC)

The following reply was made to PR bin/54069; it has been noted by GNATS.

From: Ingo Schwarze <schwarze%usta.de@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: Thomas Klausner <wiz%NetBSD.org@localhost>, Christos Zoulas <christos%netbsd.org@localhost>,
	Jason Thorpe <horpej%me.com@localhost>
Subject: Re: bin/54069
Date: Fri, 29 Mar 2019 22:46:20 +0100

 Hi,

 thanks to Jason for finding and reporting the bug, to Thomas for
 making me aware of the PR, and to Christos for his commit, which
 helped me understanding the bug.

 I just fixed it upstream:

   http://mandoc.bsd.lv/cgi-bin/cvsweb/out.c#rev1.78

 Note that my patch is smaller than Christos' and at a different
 place.  It is easier to understand because that is where maxcol is
 originally calculated.  Changing it later when it has already been
 used for various purposes is somewhat confusing.   Maybe you want
 to merge the upstream patch, to ease future updates and to avoid
 ultimately ending up with a double fix.

 Thanks,
   Ingo

 Log Message:
 -----------
 Set the maximum column index in a tbl(7) to the maximum *right* edge 
 of any cell span, not to the maximum *left* edge, which may be smaller 
 if the last column of the table is only reached by horizontal spans,
 but not by any regular cell in any row of the table.
 Otherwise, the algorithm calculating column widths accessed memomy
 after the end of the colwidth[] array, while it was trying to handle 
 the rightmost column(s).

 Crash reported by Jason Thorpe <thorpej at NetBSD>
 via https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=54069
 and via Thomas Klausner (wiz@).
 Christos@ Zoulas sent a (correct, but slightly confusing) patch.
 The patch i'm committing here is easier to understand.

 Modified Files:
 --------------
     mandoc:
         out.c

 Revision Data
 -------------
 Index: out.c
 ===================================================================
 RCS file: /home/cvs/mandoc/mandoc/out.c,v
 retrieving revision 1.77
 retrieving revision 1.78
 diff -Lout.c -Lout.c -u -p -r1.77 -r1.78
 --- out.c
 +++ out.c
 @@ -149,7 +149,7 @@ tblcalc(struct rofftbl *tbl, const struc
  		gp = &first_group;
  		for (dp = sp->first; dp != NULL; dp = dp->next) {
  			icol = dp->layout->col;
 -			while (icol > maxcol)
 +			while (maxcol < icol + dp->hspans)
  				tbl->cols[++maxcol].spacing = SIZE_MAX;
  			col = tbl->cols + icol;
  			col->flags |= dp->layout->flags;

Prev by Date: Re: bin/54069
Next by Date: port-vax/54089: vax installer does not boot (init dies)
Previous by Thread: Re: bin/54069
Next by Thread: port-vax/54089: vax installer does not boot (init dies)
Indexes:

Home | Main Index | Thread Index | Old Index