midfavila/awk
1
0
Fork 0
Code Issues Pull Requests Projects Releases1 Wiki Activity

Avoid accessing pfile[] out of bounds on syntax error at EOF. ()

Browse Source 
When awk reaches EOF parsing the program file, curpfile is incremented.
However, cursource() uses curpfile without checking it against npfile
which can cause an out of bounds access of pfile[] if there is a syntax
error at the end of the program file.
This commit is contained in:
Todd C. Miller 2020-07-29 12:31:29 -06:00 committed by GitHub
parent e22bb7c625
commit 453ce8642b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 6 additions and 1 deletions

1
bugs-fixed/pfile-overflow.awk Normal file

@ -0,0 +1 @@
\

4
bugs-fixed/pfile-overflow.ok Normal file

@ -0,0 +1,4 @@
../a.out: syntax error at source line 1 source file pfile-overflow.awk
context is
>>> <<<
../a.out: bailing out at source line 1 source file pfile-overflow.awk

2
main.c

@ -256,7 +256,7 @@ int pgetc(void) /* get 1 character from awk program */
char *cursource(void) /* current source file name */
{
if (npfile > 0)
return pfile[curpfile];
return pfile[curpfile < npfile ? curpfile : curpfile - 1];
else
return NULL;
}