Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/usr.bin/make make(1): prevent undefined behavior in loadfile...
details: https://anonhg.NetBSD.org/src/rev/8f49103f83e5
branches: trunk
changeset: 1017320:8f49103f83e5
user: rillig <rillig%NetBSD.org@localhost>
date: Tue Dec 22 06:48:33 2020 +0000
description:
make(1): prevent undefined behavior in loadfile_mmap
Reading a file without a trailing newline had resulted in an
out-of-bounds write, in the common case where the file is loaded via
mmap.
diffstat:
usr.bin/make/parse.c | 22 ++++++++++++++++++++--
1 files changed, 20 insertions(+), 2 deletions(-)
diffs (54 lines):
diff -r f9da985fa875 -r 8f49103f83e5 usr.bin/make/parse.c
--- a/usr.bin/make/parse.c Tue Dec 22 01:58:58 2020 +0000
+++ b/usr.bin/make/parse.c Tue Dec 22 06:48:33 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: parse.c,v 1.509 2020/12/21 02:09:34 rillig Exp $ */
+/* $NetBSD: parse.c,v 1.510 2020/12/22 06:48:33 rillig Exp $ */
/*
* Copyright (c) 1988, 1989, 1990, 1993
@@ -117,7 +117,7 @@
#include "pathnames.h"
/* "@(#)parse.c 8.3 (Berkeley) 3/19/94" */
-MAKE_RCSID("$NetBSD: parse.c,v 1.509 2020/12/21 02:09:34 rillig Exp $");
+MAKE_RCSID("$NetBSD: parse.c,v 1.510 2020/12/22 06:48:33 rillig Exp $");
/* types and constants */
@@ -2687,10 +2687,22 @@
if (ch == '\\') {
if (firstBackslash == NULL)
firstBackslash = p;
+ /*
+ * FIXME: In opt-file.mk, this command succeeds:
+ * printf '%s' 'V=v\' | make -r -f -
+ * Using an intermediate file fails though:
+ * printf '%s' 'V=v\' > backslash
+ * make -r -f backslash
+ *
+ * In loadedfile_mmap, the trailing newline is not
+ * added in every case, only if the file ends at a
+ * page boundary.
+ */
if (p[1] == '\n')
curFile->lineno++;
p += 2;
line_end = p;
+ assert(p <= curFile->buf_end);
continue;
}
@@ -2831,6 +2843,12 @@
}
/* We now have a line of data */
+ /*
+ * FIXME: undefined behavior since line_end points right
+ * after the allocated buffer. This becomes apparent when
+ * using a strict malloc implementation that adds canaries
+ * before and after the allocated space.
+ */
*line_end = '\0';
if (mode == GLM_FOR_BODY)
Home |
Main Index |
Thread Index |
Old Index