From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 26282 invoked by alias); 14 Jan 2018 14:05:24 -0000 Mailing-List: contact zsh-workers-help@zsh.org; run by ezmlm Precedence: bulk X-No-Archive: yes List-Id: Zsh Workers List List-Post: List-Help: List-Unsubscribe: X-Seq: 42271 Received: (qmail 28455 invoked by uid 1010); 14 Jan 2018 14:05:24 -0000 X-Qmail-Scanner-Diagnostics: from mail-pg0-f49.google.com by f.primenet.com.au (envelope-from , uid 7791) with qmail-scanner-2.11 (clamdscan: 0.99.2/21882. spamassassin: 3.4.1. Clear:RC:0(74.125.83.49):SA:0(1.8/5.0):. Processed in 2.604723 secs); 14 Jan 2018 14:05:24 -0000 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on f.primenet.com.au X-Spam-Level: * X-Spam-Status: No, score=1.8 required=5.0 tests=BAYES_00,FREEMAIL_FROM, FSL_HELO_FAKE,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_PASS, T_DKIM_INVALID autolearn=no autolearn_force=no version=3.4.1 X-Envelope-From: joeypabalinas@gmail.com X-Qmail-Scanner-Mime-Attachments: |signature.asc| X-Qmail-Scanner-Zip-Files: | DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=Df1c9VzJuqJxVebVN3fzsa6yvfDh2XWMPC+B9xrN/uA=; b=viA41Wx0ddb3UvNjzk+n1YrwjqH3F7wqfwa+PFskQvnRqKM8FbFykyyR7f/wDOMcj3 7Bdut+ZZ66b8drgoO6zaG6WHjkCZlCG9JVCqZ1SblD7zMA43txVev5IWLbYdHxzEk7s5 Ksh1Sa6OFqX66+LFjltElkjGAeCuIhmm8JY6Ra4Yv7TPL4M9eTKWSR5S1meqmx4uUmUS eHZQ6trJ0u7+N1UdOKR/LVZXpKy0TSAN6ZNYnrLBvYttNI/pEbD+rC5LCHt7o69vOZm/ yzKubgTLGDKKI99ApDqrCtUuzr0zfFSON9caG94SE7114KVj0uOKJqfs7ohL5Gs1vCtE xIxw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=Df1c9VzJuqJxVebVN3fzsa6yvfDh2XWMPC+B9xrN/uA=; b=Km8b3JV51eDLDEA5YdOhk+qaUHB5Y92VI1PGkbByLWCDqq8tSFL5yj4E3g6LLK032O 
+etkO/J7K1nSPTji+iLe+Zeku1cFgaW4LVfogCVpO1SLVGRIr0vzRVl+AspfGJkoARRL 3bliig7GPyohRZI8hITaeJj2WTzNtE5wMD9k8kHMzE5eKLysEOQsEgRD2Y7Y8f6YeC5s 8qUGKlO1VgL7Pt2O79jnhUgFzKxhHyuiyTO5uO6056k1RXlEn6Yhh5jdE1w7dAfHhq7H C30MFgybKCtBHeSYvyPBiFPrPOHOrY39mJeFJQVaR/lFB+T53SrTz2eisr/tog6gU+MC FMLg== X-Gm-Message-State: AKGB3mLKyhAMomqVj+RKcp6hFVas7r2XqgcdkmBTdBoDH3t9nzhmwlWs nTLngzwMbE7sKO3cvybSJs4= X-Google-Smtp-Source: ACJfBosdg82PyNHqBXeCRIeHxJCJW7YbhO7aX1Giyfk42L7PbEdF0hE92AvFL3T9OLheFv3SNf7oEw== X-Received: by 10.99.94.69 with SMTP id s66mr25355792pgb.145.1515938719057; Sun, 14 Jan 2018 06:05:19 -0800 (PST) Date: Sun, 14 Jan 2018 04:05:16 -1000 From: Joey Pabalinas To: Bart Schaefer Cc: "zsh-workers@zsh.org" , Joey Pabalinas Subject: [PATCH v2] jp: fix segfaults during parameter expansion Message-ID: <20180114140516.ysym5an2egevervx@gmail.com> References: <20180114060557.hmrvpg6t4rdebgv6@gmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="5h7xfcxe5br7rds4" Content-Disposition: inline In-Reply-To: User-Agent: NeoMutt/20171215 --5h7xfcxe5br7rds4 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Running `zsh -fc ': ${${(PAA)p[foo]}::=3Dx}'` in current zsh versions cause= s: > "segmentation fault (core dumped) zsh -fc ': ${${(PAA)p[foo]}::=3Dx}' Also happens when testing with machabot: > 19:42 > : ${${(PAA)p[foo]}::=3Dx} > 19:42 jp: zsh[248]: segfault at 0 ip b7dfcda3 sp bfeb9ebc > error 4 in libc-2.13.so[b7d84000+149000] Add a simple `dupstring(s2)` fallback instead of pointlessly trying to concatenate `s2` to NULL and segfaulting. Also added indication of empty string using `(nil)`; the empty string case should still provide a somewhat useful error message of > zsh:1: not an identifier: (nil) rather than > zsh:1: not an identifier: which is fairly confusing. 
Signed-off-by: Joey Pabalinas Requested-by: Bart Schaefer 3 files changed, 26 insertions(+), 4 deletions(-)
diff --git a/Src/params.c b/Src/params.c
index de7730ae735a44963c..44a942296f23ddf88f 100644
--- a/Src/params.c
+++ b/Src/params.c
@@ -3004,6 +3004,8 @@ assignsparam(char *s, char *val, int flags)
 int sstart, created =3D 0;
=20
 if (!isident(s)) {
+ if (!strcmp(s, ""))
+ s =3D "(nil)";
 zerr("not an identifier: %s", s);
 zsfree(val);
 errflag |=3D ERRFLAG_ERROR;
diff --git a/Src/string.c b/Src/string.c
index 9e14ef94919c3e8ec5..7c24ab3c45777f31e9 100644
--- a/Src/string.c
+++ b/Src/string.c
@@ -126,9 +126,17 @@ mod_export char *
 zhtricat(char const *s1, char const *s2, char const *s3)
 {
 char *ptr;
- size_t l1 =3D strlen(s1);
- size_t l2 =3D strlen(s2);
+ size_t l1;
+ size_t l2;
=20
+ /* String duplicate fallback to prevent NULL derefs */
+ if (!s1 && !s2)
+ return dupstring(s3);
+ if (!s1)
+ l1 =3D 0, s1 =3D s2;
+ else
+ l1 =3D strlen(s1);
+ l2 =3D strlen(s2);
 ptr =3D (char *)zhalloc(l1 + l2 + strlen(s3) + 1);
 strcpy(ptr, s1);
 strcpy(ptr + l1, s2);
@@ -144,8 +152,12 @@ dyncat(const char *s1, const char *s2)
 {
 /* This version always uses space from the current heap. */
 char *ptr;
- size_t l1 =3D strlen(s1);
+ size_t l1;
=20
+ /* String duplicate fallback to prevent NULL derefs */
+ if (!s1)
+ return dupstring(s2);
+ l1 =3D strlen(s1);
 ptr =3D (char *)zhalloc(l1 + strlen(s2) + 1);
 strcpy(ptr, s1);
 strcpy(ptr + l1, s2);
@@ -158,8 +170,12 @@ bicat(const char *s1, const char *s2)
 {
 /* This version always uses permanently-allocated space. */
 char *ptr;
- size_t l1 =3D strlen(s1);
+ size_t l1;
=20
+ /* String duplicate fallback to prevent NULL derefs */
+ if (!s1)
+ return dupstring(s2);
+ l1 =3D strlen(s1);
 ptr =3D (char *)zalloc(l1 + strlen(s2) + 1);
 strcpy(ptr, s1);
 strcpy(ptr + l1, s2);
diff --git a/Src/subst.c b/Src/subst.c
index d027e3d83cadc631a7..9a8c635e313687d046 100644
--- a/Src/subst.c
+++ b/Src/subst.c
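Review bot: The new guard in zhtricat covers a NULL `s1` only; with `s1` set and `s2` NULL the unconditional `l2 = strlen(s2);` still dereferences NULL, and `strlen(s3)` on the allocation line is unguarded as well. The same gap remains in the dyncat and bicat hunks that follow, where `strlen(s2)` runs right after the `!s1` check. Normalising the arguments up front, `if (!s1) s1 = "";` and likewise for `s2` and `s3`, would let the original `strlen`/`strcpy` sequence stand and would drop the `l1 = 0, s1 = s2` aliasing, which copies `s2` into the buffer twice. That does change the all-NULL result from whatever `dupstring(s3)` returns to an empty string, so it is worth settling whether these helpers should tolerate NULL at all or whether the caller that produces it should reject it. The body of zhtricat continues past the end of the hunk.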
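Review bot: In bicat the fallback `return dupstring(s2);` is the same call the heap-based dyncat uses, while the normal path here allocates with `zalloc` and the comment promises permanently-allocated space. If `dupstring` allocates from the current heap, as its use in dyncat suggests, a caller that later frees bicat's result or keeps it across a heap pop gets the wrong kind of memory, so the NULL dereference is traded for an invalid free or a dangling pointer. The permanent-allocation duplicate should be used on this path instead: `return ztrdup(s2);`. The function's tail lies outside the hunk.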
@@ -3150,6 +3150,8 @@ paramsubst(LinkList l, LinkNode n, char **str, int qt= , int pf_flags,
 }
 if (*itype_end(s, IIDENT, 0)) {
 untokenize(s);
+ if (!strcmp(s, " "))
+ s =3D "(nil)";
 zerr("not an identifier: %s", s);
 return NULL;
 }
@@ -3210,6 +3212,8 @@ paramsubst(LinkList l, LinkNode n, char **str, int qt= , int pf_flags,
 ++s;
 if (*itype_end(s, IIDENT, 0)) {
 untokenize(s);
+ if (!strcmp(s, ""))
+ s =3D "(nil)";
 zerr("not an identifier: %s", s);
 return NULL;
 }
--=20 2.15.1 --5h7xfcxe5br7rds4 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEKlZXrihdNOcUPZTNruvLfWhyVBkFAlpbY5wACgkQruvLfWhy VBmQOxAAiSOEESc3GUMtXEowPl+umxS4Hf1F14g2yJFZJiz96VI10P686qIG8eDO peuwSNYyE4efDMgfTMZAMQdMThceZNbc+Q5z/k5TjK7P+ebDDu5DqYtFl8fKCQ0i riUSGA4juUAVCrfgO0hhjuws/WHo21W4PXTzss8jGdd4QiW6SOgpagrY9p98LDb2 1Oy1bfkO9zhqEb0+fNSn92AnYJcD9SyZTScTrHE9l0XXFGmocIt6kjIxlfCAZO5a 2OeRDyvIchX0/Okwz79DIgocDhPOVDwN0/22iD90gAKjZbIE/Fq/ShWbKW5tdNEs 0B/zp/yhypuSBDm715uKDA2CSWPlXx8BYWxRwPGKMdzAiee+ohnF29z9Gp25nvXd lbXVS3Txnr++q1LME2NUnn1SPMwFvLqFV9GARJEIXNZ7UoW1WfluPAf4BDBAud0F gKarkOqU22s3ECKObZQTZ4Yjz2lewayjRIqlSo43zVtthE6NX/ds7veVBwydBQCl J9+SAK8XKuRGiLu29AZxgYtkTI/0EqoeTLkLl432VBwwZllbvsGM2oqpZSti5nTU jRn0f+e8aJf9eZbnAa3yA8KxvogmrCkMVRIm/zh6GNzNoqj2m7mpGd5TJvW5HIb8 8ofvJZ98S9J1hpNDbOyB19nYMCV+kvTuKE9ICSXJTo8HZYRkLdw= =K/Cu -----END PGP SIGNATURE----- --5h7xfcxe5br7rds4--
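Review bot: The first paramsubst hunk compares against a one-space string, `if (!strcmp(s, " "))`, at least as it is rendered here, whereas the second hunk and the assignsparam hunk in Src/params.c test `""`. If that is what the patch contains, the empty-name case described in the commit message never gets the `(nil)` text on this path and still prints a bare "not an identifier:". A plain `if (!*s)` at all three sites would avoid the `strcmp` call and keep them identical. Both checks sit inside paramsubst, whose body starts and ends outside these hunks.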