- Remove confusing unused len fields from TAG and ENTRY
- Remove a couple of internal unused variables
- Prevent parse_path() from inserting empty ENTRYs into the list,
  leading to a crash due to negative array access later on.

From what I can tell, changing config.h affects man, whatis and apropos
only. In my testing none of them used the len fields.

The crash can be reproduced with this extreme example:
man -m ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: test

It's occasionally triggered by git $command --help.

Index: config.h
===================================================================
RCS file: /home/vcs/cvs/openbsd/src/usr.bin/man/config.h,v
retrieving revision 1.5
diff -u -p -r1.5 config.h
--- config.h    15 Sep 2004 22:20:03 -0000      1.5
+++ config.h    31 Jan 2012 03:14:47 -0000
@@ -38,13 +38,11 @@ typedef struct _tag {
 
        TAILQ_HEAD(tqh, _entry) list;   /* Queue of entries. */
        char *s;                        /* Associated string. */
-       size_t len;                     /* Length of 's'. */
 } TAG;
 typedef struct _entry {
        TAILQ_ENTRY(_entry) q;          /* Queue of entries. */
 
        char *s;                        /* Associated string. */
-       size_t len;                     /* Length of 's'. */
 } ENTRY;
 
 TAILQ_HEAD(_head, _tag);
Index: man.c
===================================================================
RCS file: /home/vcs/cvs/openbsd/src/usr.bin/man/man.c,v
retrieving revision 1.44
diff -u -p -r1.44 man.c
--- man.c       5 Jan 2012 21:46:15 -0000       1.44
+++ man.c       31 Jan 2012 03:14:47 -0000
@@ -95,7 +95,6 @@ main(int argc, char *argv[])
        extern char *optarg;
        extern int optind;
        TAG *searchlist;
-       ENTRY *ep;
        glob_t pg;
        size_t len;
        int ch, f_cat, f_how, found;
@@ -339,6 +338,10 @@ parse_path(TAG *t, char *path)
        char *p, *slashp;
 
        while ((p = strsep(&path, ":")) != NULL) {
+               /* Skip emtpy fields */
+               if (*p == '\0')
+                       continue;
+
                if ((ep = malloc(sizeof(ENTRY))) == NULL)
                        err(1, NULL);
 
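Review bot: The new empty-field check in parse_path() stops empty ENTRYs at this one producer, but the negative array access the description mentions is in code outside this hunk, which still relies on no caller ever storing an empty string. If ENTRY strings can also arrive by another route (presumably the configuration file parser), a length check at the indexing site itself would close the bug class rather than this one input path. With every field skipped, as in the `man -m ::::` reproducer, the TAG list ends up empty, so it is worth confirming that the consumers handle an empty queue. The added comment also has a typo and should read `/* Skip empty fields. */`. parse_path()'s body continues past the end of the hunk.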
@@ -434,7 +437,7 @@ manual(char *page, TAG *tag, glob_t *pg)
 {
        ENTRY *ep, *e_sufp, *e_tag;
        TAG *missp, *sufp;
-       int anyfound, cnt, found, globres;
+       int anyfound, cnt, found;
        char *p, buf[MAXPATHLEN];
 
        anyfound = 0;
