* [PATCH] don't let char class disturb end finding
From: Han Pingtian @ 2015-06-17 6:16 UTC (permalink / raw)
To: zsh-workers
Please review this patch. Thanks.
This patch tries to fix this problem:
compadd -M '[[:lower:]123456]=...' will cause the end of class to be the
']' before 1 and will alloc a range of memory less than enough for the
cpattern.
---
Src/Zle/complete.c | 28 ++++++++++++++++++++++++----
1 file changed, 24 insertions(+), 4 deletions(-)
diff --git a/Src/Zle/complete.c b/Src/Zle/complete.c
index ea5e41f..c3c6ac2 100644
--- a/Src/Zle/complete.c
+++ b/Src/Zle/complete.c
@@ -393,9 +393,12 @@ parse_pattern(char *name, char **sp, int *lp, char e, int *err)
if (*s == '[' || *s == '{') {
s = parse_class(n, s);
- if (!*s) {
+ if (!s || !*s) {
*err = 1;
- zwarnnam(name, "unterminated character class");
+ if (!s)
+ zwarnnam(name, "invalid character class");
+ else
+ zwarnnam(name, "unterminated character class");
return NULL;
}
s++;
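Review bot: In the new "if (!s || !*s)" block, the return value of parse_class now carries two different error meanings (NULL for an invalid class, a pointer to the terminating NUL for an unterminated one), and nothing in the visible lines documents that contract. A short comment above parse_class listing its three possible returns would keep a future caller from dereferencing NULL. The inner if/else would also read more safely with braces, since it sits between setting *err and the return.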
@@ -439,7 +442,7 @@ parse_pattern(char *name, char **sp, int *lp, char e, int *err)
static char *
parse_class(Cpattern p, char *iptr)
{
- int endchar, firsttime = 1;
+ int endchar, firsttime = 1, rf = 0;
char *optr, *nptr;
if (*iptr++ == '[') {
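Review bot: The new local "rf" on the declaration line of parse_class is not self-explanatory, and in the rest of the patch it only ever holds 0 or -1. A descriptive name (for example in_posix_class) that is set to 1 and 0 rather than decremented and incremented, with a one-line comment at the declaration, would make the end-finding loop easier to follow.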
@@ -456,9 +459,24 @@ parse_class(Cpattern p, char *iptr)
}
/* find end of class. End character can appear literally first. */
- for (optr = iptr; optr == iptr || *optr != endchar; optr++)
+ for (optr = iptr; optr == iptr || *optr != endchar; optr++) {
if (!*optr)
return optr;
+ if (endchar == ']') {
+ if (!rf && *optr == '[' && optr[1] == ':') {
+ rf--; //range start likely
+ optr++;
+ } else if (rf < 0) {
+ if (*optr == ':' && optr[1] == ']') {
+ rf++;
+ optr++;
+ }
+ }
+ }
+ }
+ if (rf < 0)
+ return NULL;
+
/*
* We can always fit the parsed class within the same length
* because of the tokenization (including a null byte).
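Review bot: In the end-finding loop, a ']' reached while rf < 0 still satisfies the loop's exit condition, and the following "if (rf < 0) return NULL;" then rejects the class, so a bracket expression that contains a literal "[:" with no matching ":]" is now reported as invalid. Please confirm that this is intended and state it in the commit message, or only enter the rf < 0 state once a closing ":]" is known to exist. Separately, "rf--; //range start likely" uses a // comment where the surrounding code uses /* */.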
@@ -479,6 +497,8 @@ parse_class(Cpattern p, char *iptr)
iptr = nptr + 2;
if (ch != PP_UNKWN)
*optr++ = STOUC(Meta) + ch;
+ else
+ return NULL;
} else {
/* characters stay metafied */
char *ptr1 = iptr;
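Review bot: The added "else return NULL;" makes an unknown class name (ch == PP_UNKWN) a hard failure, where the old branch emitted nothing for it and carried on, and the only diagnostic the caller prints is the generic "invalid character class". Consider reporting which name was not recognised at this point, and mention the behaviour change in the commit message.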
--
1.9.3
* Re: [PATCH] don't let char class disturb end finding
From: Bart Schaefer @ 2015-06-17 15:23 UTC (permalink / raw)
To: zsh-workers
On Jun 17, 2:16pm, Han Pingtian wrote:
}
} This patch tries to fix this problem:
}
} compadd -M '[[:lower:]123456]=...' will cause the end of class to be the
} ']' before 1 and will alloc a range of memory less than enough for the
} cpattern.
I don't see anything obviously wrong with the patch, but when I try the
above example directly I get "unknown match specification character `['"
both before and after applying your patch (and no complaints of memory
misuse from valgrind, even before your patch). Is that the correct
example to reproduce the error?
I also tried '[[:lower:]123456]=[[:upper:]abcdef]' with the same result.
* Re: [PATCH] don't let char class disturb end finding
From: Han Pingtian @ 2015-06-18 1:39 UTC (permalink / raw)
To: zsh-workers
On Wed, Jun 17, 2015 at 08:23:05AM -0700, Bart Schaefer wrote:
> On Jun 17, 2:16pm, Han Pingtian wrote:
> }
> } This patch tries to fix this problem:
> }
> } compadd -M '[[:lower:]123456]=...' will cause the end of class to be the
> } ']' before 1 and will alloc a range of memory less than enough for the
> } cpattern.
>
> I don't see anything obviously wrong with the patch, but when I try the
> above example directly I get "unknown match specification character `['"
> both before and after applying your patch (and no complaints of memory
> misuse from valgrind, even before your patch). Is that the correct
> example to reproduce the error?
>
> I also tried '[[:lower:]123456]=[[:upper:]abcdef]' with the same result.
Sorry, my fault. It should be 'M:[[:lower:]123456]=[[:upper:]abcdef]'
and for triggering memory misuse, I think we should use something like
'M:[[:a:]123456]=[[:b:]abcdef]'. Then
469 optr = p->u.str = zhalloc((optr-iptr) + 1);
will alloc a memory 5 bytes long, but later it will put 6 bytes into
this memory.
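
The size mismatch described in this reply, worked through as an added example (not code from the thread or from zsh): class_end reproduces the old and the class-aware end scans, and bytes_written is an assumed, simplified model of the pre-patch copy step. The two-entry class table and all function names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Index of the closing ']' in s (the text after the opening '[').
 * aware=0: old scan, the first ']' past position 0 ends the class.
 * aware=1: "[:" ... ":]" is skipped as a unit; -1 if it is never closed. */
static long class_end(const char *s, int aware)
{
    long i, open = 0;
    for (i = 0; (i == 0 || s[i] != ']') && s[i]; i++) {
        if (!aware)
            continue;
        if (!open && s[i] == '[' && s[i + 1] == ':')
            open = 1, i++;
        else if (open && s[i] == ':' && s[i + 1] == ']')
            open = 0, i++;
    }
    return open ? -1 : i;
}

/* Constructed stand-in for the class-name lookup (assumption). */
static int known(const char *n, size_t len)
{
    return len == 5 && (!strncmp(n, "lower", 5) || !strncmp(n, "upper", 5));
}

/* Assumed model of the pre-patch copy: a known [:name:] becomes 1 byte,
 * an unknown [:name:] emits nothing, every other character is 1 byte. */
static long bytes_written(const char *s)
{
    long end = class_end(s, 1), i = 0, n = 0;
    while (i < end) {
        const char *close = (s[i] == '[' && s[i + 1] == ':') ? strstr(s + i + 2, ":]") : NULL;
        if (close) {
            n += known(s + i + 2, (size_t)(close - (s + i + 2)));
            i = (close - s) + 2;
        } else {
            n++, i++;
        }
    }
    return n;
}

int main(void)
{
    const char *c[] = { "[:lower:]123456]", "[:a:]123456]" }; /* constructed inputs */
    for (int k = 0; k < 2; k++)
        printf("%-17s old=%ld new=%ld written=%ld\n", c[k],
               class_end(c[k], 0) + 1, class_end(c[k], 1) + 1, bytes_written(c[k]));
    return 0;
}
```

For "[:a:]123456]" the old scan sizes the buffer at 5 bytes while the model writes 6; the class-aware scan sizes it at 12.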