On Tue, 02 Mar 2021 12:40:37 -0700, "Todd C. Miller" wrote:
> The following appears to fix it. Basically the NUL terminator was
> being written to the end of the allocation but if we didn't fill
> the entire thing then malloc junk bytes could be processed.
Here's a more complete fix that corrects the amount of space
allocated. This is https://github.com/onetrueawk/awk/pull/112
- todd
Index: usr.bin/awk/b.c
===================================================================
RCS file: /cvs/src/usr.bin/awk/b.c,v
retrieving revision 1.35
diff -u -p -u -r1.35 b.c
--- usr.bin/awk/b.c 9 Dec 2020 20:00:11 -0000 1.35
+++ usr.bin/awk/b.c 2 Mar 2021 20:07:26 -0000
@@ -942,7 +942,7 @@ replace_repeat(const uschar *reptok, int
if (special_case == REPEAT_PLUS_APPENDED) {
size++; /* for the final + */
} else if (special_case == REPEAT_WITH_Q) {
- size += init_q + (atomlen+1)* n_q_reps;
+ size += init_q + (atomlen+1)* (n_q_reps-init_q);
} else if (special_case == REPEAT_ZERO) {
size += 2; /* just a null ERE: () */
}
@@ -971,11 +971,8 @@ replace_repeat(const uschar *reptok, int
}
}
memcpy(&buf[j], reptok+reptoklen, suffix_length);
- if (special_case == REPEAT_ZERO) {
- buf[j+suffix_length] = '\0';
- } else {
- buf[size] = '\0';
- }
+ j += suffix_length;
+ buf[j] = '\0';
/* free old basestr */
if (firstbasestr != basestr) {
if (basestr)
No comments:
Post a Comment