Module Name: src
Committed By: rillig
Date: Sun Jun 20 11:42:26 UTC 2021
Modified Files:
src/tests/usr.bin/xlint/lint1: d_gcc_compound_statements1.c
d_gcc_compound_statements1.exp
src/usr.bin/xlint/lint1: cgram.y
Log Message:
lint: fix crash on semantically wrong code in ({...})
Found by afl.
To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 \
src/tests/usr.bin/xlint/lint1/d_gcc_compound_statements1.c
cvs rdiff -u -r1.1 -r1.2 \
src/tests/usr.bin/xlint/lint1/d_gcc_compound_statements1.exp
cvs rdiff -u -r1.228 -r1.229 src/usr.bin/xlint/lint1/cgram.y
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/tests/usr.bin/xlint/lint1/d_gcc_compound_statements1.c
diff -u src/tests/usr.bin/xlint/lint1/d_gcc_compound_statements1.c:1.5 src/tests/usr.bin/xlint/lint1/d_gcc_compound_statements1.c:1.6
--- src/tests/usr.bin/xlint/lint1/d_gcc_compound_statements1.c:1.5 Sat Jun 19 15:51:11 2021
+++ src/tests/usr.bin/xlint/lint1/d_gcc_compound_statements1.c Sun Jun 20 11:42:26 2021
@@ -1,4 +1,4 @@
-/* $NetBSD: d_gcc_compound_statements1.c,v 1.5 2021/06/19 15:51:11 rillig Exp $ */
+/* $NetBSD: d_gcc_compound_statements1.c,v 1.6 2021/06/20 11:42:26 rillig Exp $ */
# 3 "d_gcc_compound_statements1.c"
/* GCC compound statement with expression */
@@ -22,3 +22,15 @@ foo(unsigned long z)
int c = ({
return 3; /* expect: return outside function */
}); /* expect: cannot initialize 'int' from 'void' */
+
+void
+function(void)
+{
+ /*
+ * Before cgram.y 1.229 from 2021-06-20, lint crashed due to the
+ * syntax error, which made an expression NULL.
+ */
+ ({
+ 0->e; /* expect: type 'int' does not have member 'e' */
+ });
+}
Index: src/tests/usr.bin/xlint/lint1/d_gcc_compound_statements1.exp
diff -u src/tests/usr.bin/xlint/lint1/d_gcc_compound_statements1.exp:1.1 src/tests/usr.bin/xlint/lint1/d_gcc_compound_statements1.exp:1.2
--- src/tests/usr.bin/xlint/lint1/d_gcc_compound_statements1.exp:1.1 Sat Jun 19 15:51:11 2021
+++ src/tests/usr.bin/xlint/lint1/d_gcc_compound_statements1.exp Sun Jun 20 11:42:26 2021
@@ -1,2 +1,3 @@
d_gcc_compound_statements1.c(23): error: syntax error 'return outside function' [249]
d_gcc_compound_statements1.c(24): error: cannot initialize 'int' from 'void' [185]
+d_gcc_compound_statements1.c(34): error: type 'int' does not have member 'e' [101]
Index: src/usr.bin/xlint/lint1/cgram.y
diff -u src/usr.bin/xlint/lint1/cgram.y:1.228 src/usr.bin/xlint/lint1/cgram.y:1.229
--- src/usr.bin/xlint/lint1/cgram.y:1.228 Sat Jun 19 19:49:15 2021
+++ src/usr.bin/xlint/lint1/cgram.y Sun Jun 20 11:42:25 2021
@@ -1,5 +1,5 @@
%{
-/* $NetBSD: cgram.y,v 1.228 2021/06/19 19:49:15 rillig Exp $ */
+/* $NetBSD: cgram.y,v 1.229 2021/06/20 11:42:25 rillig Exp $ */
/*
* Copyright (c) 1996 Christopher G. Demetriou. All Rights Reserved.
@@ -35,7 +35,7 @@
#include <sys/cdefs.h>
#if defined(__RCSID) && !defined(lint)
-__RCSID("$NetBSD: cgram.y,v 1.228 2021/06/19 19:49:15 rillig Exp $");
+__RCSID("$NetBSD: cgram.y,v 1.229 2021/06/20 11:42:25 rillig Exp $");
#endif
#include <limits.h>
@@ -2028,12 +2028,17 @@ gcc_statement_expr_item:
$$->tn_type = gettyp(VOID);
}
| expr T_SEMI {
- /* XXX: We should really do that only on the last name */
- if ($1->tn_op == NAME)
- $1->tn_sym->s_used = true;
- $$ = $1;
- expr($1, false, false, false, false);
- seen_fallthrough = false;
+ if ($1 == NULL) { /* in case of syntax errors */
+ $$ = expr_zalloc_tnode();
+ $$->tn_type = gettyp(VOID);
+ } else {
+ /* XXX: do that only on the last name */
+ if ($1->tn_op == NAME)
+ $1->tn_sym->s_used = true;
+ $$ = $1;
+ expr($1, false, false, false, false);
+ seen_fallthrough = false;
+ }
}
;
