mandoc: Fix a logic error: When both the first and the third column are

source@mandoc.bsd.lv
 help / color / mirror / Atom feed

* mandoc: Fix a logic error:  When both the first and the third column are
@ 2020-01-11 16:26 schwarze
  0 siblings, 0 replies; only message in thread
From: schwarze @ 2020-01-11 16:26 UTC (permalink / raw)
  To: source

Log Message:
-----------
Fix a logic error: 
When both the first and the third column are spans, do not use
the number of columns of the span starting in column two
for the span starting in column zero.

With afl, Jan Schreiber <jes at posteo dot de> found cases where 
this caused NULL pointer accesses because too many layout cells 
were consumed.

While here, make the code more similar at the three places 
that iterate over data cells.

Modified Files:
--------------
    mandoc:
        tbl_term.c

Revision Data
-------------
Index: tbl_term.c
===================================================================
RCS file: /home/cvs/mandoc/mandoc/tbl_term.c,v
retrieving revision 1.72
retrieving revision 1.73
diff -Ltbl_term.c -Ltbl_term.c -u -p -r1.72 -r1.73
--- tbl_term.c
+++ tbl_term.c
@@ -1,7 +1,7 @@
 /*	$Id$ */
 /*
  * Copyright (c) 2009, 2011 Kristaps Dzonsons <kristaps@bsd.lv>
- * Copyright (c) 2011-2019 Ingo Schwarze <schwarze@openbsd.org>
+ * Copyright (c) 2011-2020 Ingo Schwarze <schwarze@openbsd.org>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -267,11 +267,11 @@ term_tbl(struct termp *tp, const struct 
 				hspans--;
 				continue;
 			}
-			if (dp == NULL)
-				continue;
-			hspans = dp->hspans;
-			if (ic || sp->layout->first->pos != TBL_CELL_SPAN)
+			if (dp != NULL &&
+			    (ic || sp->layout->first->pos != TBL_CELL_SPAN)) {
+				hspans = dp->hspans;
 				dp = dp->next;
+			}
 		}
 
 		/* Set up a column for a right vertical frame. */
@@ -302,11 +302,11 @@ term_tbl(struct termp *tp, const struct 
 			tp->tcol++;
 			tp->col = 0;
 			tbl_data(tp, sp->opts, cp, dp, tp->tbl.cols + ic);
-			if (dp == NULL)
-				continue;
-			hspans = dp->hspans;
-			if (cp->pos != TBL_CELL_SPAN)
+			if (dp != NULL &&
+			    (ic || sp->layout->first->pos != TBL_CELL_SPAN)) {
+				hspans = dp->hspans;
 				dp = dp->next;
+			}
 		}
 		break;
 	}
@@ -425,11 +425,10 @@ term_tbl(struct termp *tp, const struct 
 					cp = cp->next;
 					continue;
 				}
-				if (dp != NULL) {
+				if (dp != NULL && (ic ||
+				    sp->layout->first->pos != TBL_CELL_SPAN)) {
 					hspans = dp->hspans;
-					if (ic || sp->layout->first->pos
-					    != TBL_CELL_SPAN)
-						dp = dp->next;
+					dp = dp->next;
 				}
 
 				/*
--
 To unsubscribe send an email to source+unsubscribe@mandoc.bsd.lv

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2020-01-11 16:26 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-01-11 16:26 mandoc: Fix a logic error: When both the first and the third column are schwarze

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).