Update of bug #67899 (group groff):
Status: In Progress => Fixed
Privacy: Private => Public
Open/Closed: Open => Closed
_______________________________________________________
Follow-up Comment #3:
commit 9d67ffe9658ffa051b2ce2fa5cd70e339125cd6b
Author: G. Branden Robinson <[email protected]>
Date: Fri Jan 9 10:56:25 2026 -0600
[pic]: Regression-test Savannah #67899.
* src/preproc/pic/tests/do-not-crash-when-reading-macro-arguments.sh:
New file.
* src/preproc/pic/pic.am (pic_TESTS): Run test.
Test fails at this commit.
commit d66fd2256f346010b975ced3f66efed473bfeb81
Author: G. Branden Robinson <[email protected]>
Date: Fri Jan 9 11:05:31 2026 -0600
[pic]: Fix Savannah #67899.
* src/preproc/pic/lex.cpp (interpolate_macro_with_args): Shift test of
argument count so that it is performed for empty arguments as well as
populated ones. The misplacement of the test made it possible to
defeat that test by supplying an empty 32nd argument to a macro,
consequently overrunning stack storage allocated for this function's
local `argv` array.
Fixes <https://savannah.gnu.org/bugs/?67899>. Thanks to John de Armas
for the report and a reproducer, based on the "jumperblock" example from
our "doc/pic.ms" file. Problem appears to date back to groff's birth.
Also recast the warning diagnostic thrown in this situation to make it
clear that pic is talking about its own macro facility, not a *roff
formatter's.
_______________________________________________________
Reply to this item at:
<https://savannah.gnu.org/bugs/?67899>
_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/
signature.asc
Description: PGP signature
