reproducible awk(1) segfault

To: tech-userlevel%netbsd.org@localhost
Subject: reproducible awk(1) segfault
From: Jukka Salmi <j+nbsd%2008.salmi.ch@localhost>
Date: 2008年1月21日 15:46:50 +0100

Hello,
on a current system awk(1) dumps core if some invalid printf formats
are used, e.g.
$ awk 'BEGIN { printf("%*"); }'
Segmentation fault (core dumped)
I'm not familiar with the code and only glanced at it, so I'm not sure
if the attache patch is a correct fix for the problem. However, it
seems to fix it...
Cheers, Jukka
-- 
bashian roulette:
$ ((RANDOM%6)) || rm -rf ~

Index: dist/nawk/run.c
===================================================================
RCS file: /cvsroot/src/dist/nawk/run.c,v
retrieving revision 1.17
diff -u -p -r1.17 run.c
--- dist/nawk/run.c 25 Oct 2007 22:22:41 -0000 1.17
+++ dist/nawk/run.c 21 Jan 2008 14:41:11 -0000
@@ -843,6 +843,8 @@ int format(char **pbuf, int *pbufsize, c
 break; /* the ansi panoply */
 if (*s == '*') {
 x = execute(a);
+ if (a == NULL)
+ FATAL("not enough args in printf(%s)", 
os);
 a = a->nnext;
 sprintf(t-1, "%d", fmtwd=(int) getfval(x));
 if (fmtwd < 0)

Prev by Date: RockRidge (was Re: Generic boot image) support in makefs(8)
Next by Date: swap-on-raidframe vs raidctl -P
Previous by Thread: realtime functions in userland
Next by Thread: swap-on-raidframe vs raidctl -P
Indexes:

Home | Main Index | Thread Index | Old Index