From 22aff9e657f95a2d37d33d7a3fd4d98595d7c9f3 Mon Sep 17 00:00:00 2001
From: Brian Kernighan <fakeuser@fake.com>
Date: Mon, 27 Aug 2018 08:52:34 -0400
Subject: [PATCH] disallow $ in printf formats

---
 FIXES       |   7 +++++++
 awktest.tar | Bin 6850560 -> 6871040 bytes
 run.c       |   9 ++++-----
 tran.c      |   6 +++---
 4 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/FIXES b/FIXES
index c697f34..d414c6d 100644
--- a/FIXES
+++ b/FIXES
@@ -25,6 +25,13 @@ THIS SOFTWARE.
 This file lists all bug fixes, changes, etc., made since the AWK book
 was sent to the printers in August, 1987.
 
+Aug 27, 2018:
+	Disallow '$' in printf formats; arguments evaluated in order
+	and printed in order.
+
+	Added some casts to silence warnings on debugging printfs.
+	(Thanks, Arnold.)
+
 Aug 23, 2018:
         A long list of fixes courtesy of Arnold Robbins,
         to whom profound thanks.
diff --git a/awktest.tar b/awktest.tar
index 31c6ad900d68ae5a1e3030fd0960deaa93316227..365234ac190acbb32f54d5654bb7c6e7c5b82d34 100644
GIT binary patch
delta 546
zcmchPOHUJF07X002UgLFf>see#wnvxaK4#3Q&9^=5K%yRC~tJIouM&(q@BbCk#uo>
z0Fgx#mtf-7UH=vdVGm7Mvi2^{O>RzZZFfIh`*#qoq0mB@3tZ$9muck+5w3ELHm-An
zC^u>67Psl3lRMlc#y#%S#RIzOLC}lJLp0*_q4S8xJfWWi0}S#M1Br=6l4saBq<GE{
zFL=o-(hM^~hEZNK#yD@7;4PE9<2_SMGs6cyGRqwEEbxiXEV9HhE3C4{Ivaf9D=wRS
zBTEhs|IgOWuiue+B;|Vp(vcy<Fr;l6%|4Ck*wP9~%SsxKBa`OoE~R5yAz|$G+S$KK
zY)fe<L;i7MLvw$87y9V<#N>?FE?4r!z!PfR)T$ybwdz_?O$gO(VpIL8i?mlN2{YX%
zBYq`U7OJl4qF4$<Iaev<gCLg``J!k(dZkLi4XX8w>nFO-wa$#jk>|IC8_{&jq4NK^
HXV~=<f$_4r

delta 252
zcmZ|9#ZdzR006*Af@^Sh_h7+8aEIXTS_N~DEr1z101DtoTa-Wr>|=xP&q(n05ebBZ
zMWjiWAybxYIdbL6SD;W-kzyrEl_^)DQk7~oYSpRNpiz@%En2l{*P&CFZasSS={F!|
z(2!vxM#YU8H(}D0X)_XLCC!<)V9}CgD^{&pw_($kZ97tS?b&zW(2-*&PMtY-;nJ0B
bH*Vdz_u$c!=dYL7pJ*cd8~X3}SUmLy*S%W5

diff --git a/run.c b/run.c
index c818a08..81b75da 100644
--- a/run.c
+++ b/run.c
@@ -114,7 +114,7 @@ int adjbuf(char **pbuf, int *psiz, int minlen, int quantum, char **pbptr,
 		if (rminlen)
 			minlen += quantum - rminlen;
 		tbuf = (char *) realloc(*pbuf, minlen);
-		dprintf( ("adjbuf %s: %d %d (pbuf=%p, tbuf=%p)\n", whatrtn, *psiz, minlen, *pbuf, tbuf) );
+		dprintf( ("adjbuf %s: %d %d (pbuf=%p, tbuf=%p)\n", whatrtn, *psiz, minlen, (void *) *pbuf, (void *) tbuf) );
 		if (tbuf == NULL) {
 			if (whatrtn)
 				FATAL("out of memory in %s", whatrtn);
@@ -859,6 +859,9 @@ int format(char **pbuf, int *pbufsize, const char *s, Node *a)	/* printf-like co
 				FATAL("format item %.30s... ran format() out of memory", os);
 			if (isalpha((uschar)*s) && *s != 'l' && *s != 'h' && *s != 'L')
 				break;	/* the ansi panoply */
+			if (*s == '$') {
+				FATAL("'$' not permitted in awk formats");
+			}
 			if (*s == '*') {
 				x = execute(a);
 				a = a->nnext;
@@ -874,7 +877,6 @@ int format(char **pbuf, int *pbufsize, const char *s, Node *a)	/* printf-like co
 		if (fmtwd < 0)
 			fmtwd = -fmtwd;
 		adjbuf(&buf, &bufsize, fmtwd+1+p-buf, recsize, &p, "format4");
-
 		switch (*s) {
 		case 'a': case 'A':
 			if (have_a_format)
@@ -1641,8 +1643,6 @@ Cell *printstat(Node **a, int n)	/* print a[0] */
 
 Cell *nullproc(Node **a, int n)
 {
-	n = n;
-	a = a;
 	return 0;
 }
 
@@ -1756,7 +1756,6 @@ Cell *closefile(Node **a, int n)
 	Cell *x;
 	int i, stat;
 
-	n = n;
 	x = execute(a[0]);
 	getsval(x);
 	stat = -1;
diff --git a/tran.c b/tran.c
index 06f32fc..72ca6ff 100644
--- a/tran.c
+++ b/tran.c
@@ -347,7 +347,7 @@ char *setsval(Cell *vp, const char *s)	/* set string val of a Cell */
 		fldno = atoi(vp->nval);
 		if (fldno > *NF)
 			newfld(fldno);
-		   dprintf( ("setting field %d to %s (%p)\n", fldno, s, s) );
+		   dprintf( ("setting field %d to %s (%p)\n", fldno, s, (void *) s) );
 	} else if (isrec(vp)) {
 		donefld = 0;	/* mark $1... invalid */
 		donerec = 1;
@@ -363,7 +363,7 @@ char *setsval(Cell *vp, const char *s)	/* set string val of a Cell */
 	vp->fmt = NULL;
 	setfree(vp);
 	   dprintf( ("setsval %p: %s = \"%s (%p) \", t=%o r,f=%d,%d\n", 
-		(void*)vp, NN(vp->nval), t,t, vp->tval, donerec, donefld) );
+		(void*)vp, NN(vp->nval), t, (void *) t, vp->tval, donerec, donefld) );
 	vp->sval = t;
 	if (&vp->fval == NF) {
 		donerec = 0;	/* mark $0 invalid */
@@ -477,7 +477,7 @@ static char *get_str_val(Cell *vp, char **fmt)        /* get string val of a Cel
 	}
 done:
 	   dprintf( ("getsval %p: %s = \"%s (%p)\", t=%o\n",
-		(void*)vp, NN(vp->nval), vp->sval, vp->sval, vp->tval) );
+		(void*)vp, NN(vp->nval), vp->sval, (void *) vp->sval, vp->tval) );
 	return(vp->sval);
 }