CVS commit: src/usr.bin/make

Sun, 01 Dec 2019 15:54:51 -0800 

Module Name:    src
Committed By:   rillig
Date:           Sun Dec  1 23:53:49 UTC 2019

Modified Files:
        src/usr.bin/make: str.c
        src/usr.bin/make/unit-tests: varmod-edge.mk

Log Message:
Fix out-of-bounds read in Str_Match.


To generate a diff of this commit:
cvs rdiff -u -r1.38 -r1.39 src/usr.bin/make/str.c
cvs rdiff -u -r1.4 -r1.5 src/usr.bin/make/unit-tests/varmod-edge.mk

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/usr.bin/make/str.c
diff -u src/usr.bin/make/str.c:1.38 src/usr.bin/make/str.c:1.39
--- src/usr.bin/make/str.c:1.38	Fri Apr 21 22:15:44 2017
+++ src/usr.bin/make/str.c	Sun Dec  1 23:53:49 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: str.c,v 1.38 2017/04/21 22:15:44 sjg Exp $	*/
+/*	$NetBSD: str.c,v 1.39 2019/12/01 23:53:49 rillig Exp $	*/
 
 /*-
  * Copyright (c) 1988, 1989, 1990, 1993
@@ -69,14 +69,14 @@
  */
 
 #ifndef MAKE_NATIVE
-static char rcsid[] = "$NetBSD: str.c,v 1.38 2017/04/21 22:15:44 sjg Exp $";
+static char rcsid[] = "$NetBSD: str.c,v 1.39 2019/12/01 23:53:49 rillig Exp $";
 #else
 #include <sys/cdefs.h>
 #ifndef lint
 #if 0
 static char     sccsid[] = "@(#)str.c	5.8 (Berkeley) 6/1/90";
 #else
-__RCSID("$NetBSD: str.c,v 1.38 2017/04/21 22:15:44 sjg Exp $");
+__RCSID("$NetBSD: str.c,v 1.39 2019/12/01 23:53:49 rillig Exp $");
 #endif
 #endif				/* not lint */
 #endif
@@ -407,6 +407,8 @@ Str_Match(const char *string, const char
 				return 0;
 			while ((*pattern != ']') && (*pattern != 0))
 				++pattern;
+			if (*pattern == 0)
+				--pattern;
 			goto thisCharOK;
 		}
 		/*

Index: src/usr.bin/make/unit-tests/varmod-edge.mk
diff -u src/usr.bin/make/unit-tests/varmod-edge.mk:1.4 src/usr.bin/make/unit-tests/varmod-edge.mk:1.5
--- src/usr.bin/make/unit-tests/varmod-edge.mk:1.4	Sat Nov 30 03:53:45 2019
+++ src/usr.bin/make/unit-tests/varmod-edge.mk	Sun Dec  1 23:53:49 2019
@@ -1,4 +1,4 @@
-# $NetBSD: varmod-edge.mk,v 1.4 2019/11/30 03:53:45 rillig Exp $
+# $NetBSD: varmod-edge.mk,v 1.5 2019/12/01 23:53:49 rillig Exp $
 #
 # Tests for edge cases in variable modifiers.
 #
@@ -67,6 +67,9 @@ EXP.M-nest-brk=	[
 #
 # XXX: It is unexpected that no error is reported.
 # See str.c, function Str_Match.
+#
+# Before 2019-12-02, this test case triggered an out-of-bounds read
+# in Str_Match.
 TESTS+=		M-pat-err
 INP.M-pat-err=	[ [[ [[[
 MOD.M-pat-err=	${INP.M-pat-err:M${:U[[}}

Reply via email to