Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/usr.bin/make Fix out-of-bounds read in Str_Match.
details: https://anonhg.NetBSD.org/src/rev/06782de9e8f9
branches: trunk
changeset: 1005215:06782de9e8f9
user: rillig <rillig%NetBSD.org@localhost>
date: Sun Dec 01 23:53:49 2019 +0000
description:
Fix out-of-bounds read in Str_Match.
diffstat:
usr.bin/make/str.c | 8 +++++---
usr.bin/make/unit-tests/varmod-edge.mk | 5 ++++-
2 files changed, 9 insertions(+), 4 deletions(-)
diffs (54 lines):
diff -r 91de6e9a0dc3 -r 06782de9e8f9 usr.bin/make/str.c
--- a/usr.bin/make/str.c Sun Dec 01 23:14:47 2019 +0000
+++ b/usr.bin/make/str.c Sun Dec 01 23:53:49 2019 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: str.c,v 1.38 2017/04/21 22:15:44 sjg Exp $ */
+/* $NetBSD: str.c,v 1.39 2019/12/01 23:53:49 rillig Exp $ */
/*-
* Copyright (c) 1988, 1989, 1990, 1993
@@ -69,14 +69,14 @@
*/
#ifndef MAKE_NATIVE
-static char rcsid[] = "$NetBSD: str.c,v 1.38 2017/04/21 22:15:44 sjg Exp $";
+static char rcsid[] = "$NetBSD: str.c,v 1.39 2019/12/01 23:53:49 rillig Exp $";
#else
#include <sys/cdefs.h>
#ifndef lint
#if 0
static char sccsid[] = "@(#)str.c 5.8 (Berkeley) 6/1/90";
#else
-__RCSID("$NetBSD: str.c,v 1.38 2017/04/21 22:15:44 sjg Exp $");
+__RCSID("$NetBSD: str.c,v 1.39 2019/12/01 23:53:49 rillig Exp $");
#endif
#endif /* not lint */
#endif
@@ -407,6 +407,8 @@
return 0;
while ((*pattern != ']') && (*pattern != 0))
++pattern;
+ if (*pattern == 0)
+ --pattern;
goto thisCharOK;
}
/*
diff -r 91de6e9a0dc3 -r 06782de9e8f9 usr.bin/make/unit-tests/varmod-edge.mk
--- a/usr.bin/make/unit-tests/varmod-edge.mk Sun Dec 01 23:14:47 2019 +0000
+++ b/usr.bin/make/unit-tests/varmod-edge.mk Sun Dec 01 23:53:49 2019 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: varmod-edge.mk,v 1.4 2019/11/30 03:53:45 rillig Exp $
+# $NetBSD: varmod-edge.mk,v 1.5 2019/12/01 23:53:49 rillig Exp $
#
# Tests for edge cases in variable modifiers.
#
@@ -67,6 +67,9 @@
#
# XXX: It is unexpected that no error is reported.
# See str.c, function Str_Match.
+#
+# Before 2019-12-02, this test case triggered an out-of-bounds read
+# in Str_Match.
TESTS+= M-pat-err
INP.M-pat-err= [ [[ [[[
MOD.M-pat-err= ${INP.M-pat-err:M${:U[[}}
Home |
Main Index |
Thread Index |
Old Index