Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/usr.bin/make make(1): fix undefined behavior in :S modifier
details: https://anonhg.NetBSD.org/src/rev/3b642d35b0e3
branches: trunk
changeset: 974019:3b642d35b0e3
user: rillig <rillig%NetBSD.org@localhost>
date: Mon Jul 20 15:15:32 2020 +0000
description:
make(1): fix undefined behavior in :S modifier
The expression word + wordLen - leftLen had resulted in an out-of-bounds
pointer before. Luckily the heap addresses were high enough in typical
applications to prevent a wrap-around.
diffstat:
usr.bin/make/var.c | 16 +++++++++-------
1 files changed, 9 insertions(+), 7 deletions(-)
diffs (44 lines):
diff -r f612a86f6306 -r 3b642d35b0e3 usr.bin/make/var.c
--- a/usr.bin/make/var.c Mon Jul 20 15:11:29 2020 +0000
+++ b/usr.bin/make/var.c Mon Jul 20 15:15:32 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: var.c,v 1.279 2020/07/20 15:10:35 rillig Exp $ */
+/* $NetBSD: var.c,v 1.280 2020/07/20 15:15:32 rillig Exp $ */
/*
* Copyright (c) 1988, 1989, 1990, 1993
@@ -69,14 +69,14 @@
*/
#ifndef MAKE_NATIVE
-static char rcsid[] = "$NetBSD: var.c,v 1.279 2020/07/20 15:10:35 rillig Exp $";
+static char rcsid[] = "$NetBSD: var.c,v 1.280 2020/07/20 15:15:32 rillig Exp $";
#else
#include <sys/cdefs.h>
#ifndef lint
#if 0
static char sccsid[] = "@(#)var.c 8.3 (Berkeley) 3/19/94";
#else
-__RCSID("$NetBSD: var.c,v 1.279 2020/07/20 15:10:35 rillig Exp $");
+__RCSID("$NetBSD: var.c,v 1.280 2020/07/20 15:15:32 rillig Exp $");
#endif
#endif /* not lint */
#endif
@@ -1379,11 +1379,13 @@
}
if (pattern->pflags & VARP_MATCH_END) {
- const char *cp = word + (wordLen - pattern->leftLen);
- if (cp < word || strncmp(cp, pattern->lhs, pattern->leftLen) != 0)
+ if (wordLen < (size_t)pattern->leftLen)
goto nosub;
-
- SepBuf_AddBytes(buf, word, cp - word);
+ const char *start = word + (wordLen - pattern->leftLen);
+ if (memcmp(start, pattern->lhs, pattern->leftLen) != 0)
+ goto nosub;
+
+ SepBuf_AddBytes(buf, word, start - word);
SepBuf_AddBytes(buf, pattern->rhs, pattern->rightLen);
pattern->pflags |= VARP_SUB_MATCHED;
return;
Home |
Main Index |
Thread Index |
Old Index