From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-3.4 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 29442 invoked from network); 30 Oct 2023 22:39:44 -0000 Received: from zero.zsh.org (2a02:898:31:0:48:4558:7a:7368) by inbox.vuxu.org with ESMTPUTF8; 30 Oct 2023 22:39:44 -0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=zsh.org; s=rsa-20210803; h=List-Archive:List-Owner:List-Post:List-Unsubscribe: List-Subscribe:List-Help:List-Id:Sender:Message-ID:Date:Content-ID: Content-Type:MIME-Version:Subject:To:References:From:In-reply-to:cc:Reply-To: Content-Transfer-Encoding:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID; bh=hBqK4OgchkQiw330P7ZB4LNAHqgM8iAQYXB7frPZKBE=; b=dzplNfd+5Xo3+QLbfHNK6HVnNZ yo9t3d7Mdc5zwnhzs7paE7rNoTvmLp1VHPpXj4CItiOVRAIn7Ujp22a86DHbG7uXw4dua28DGwBQY Q/V7V3PAnmAtVhU0e0jZryTYrPxx9EbYufnOOfLn5gd/G/2AJ+lnRAy5a4K05E2kpMxArfMn1FORr sBVv2FF5oXMEtAyyCOFTDNzVq5+wwAiUg3gEzWgncCOLRkzxvZ3vUOhX/Twv/bZnMkGQYtum+pvyy bIqFSL316toUtkHbZWoPket2Xg6DMz9oMr5ZnEzQV5zcYwZ4+kJzWy+uOIQfFu7YixDQ9xZoqD+el cqUmuhOQ==; Received: by zero.zsh.org with local id 1qxav8-0002Lx-I2; Mon, 30 Oct 2023 22:39:42 +0000 Received: by zero.zsh.org with esmtpsa (TLS1.3:TLS_AES_256_GCM_SHA384:256) id 1qxaus-00023t-5s; Mon, 30 Oct 2023 22:39:27 +0000 Received: from [192.168.178.21] (helo=hydra) by mail.kiddle.eu with esmtp(Exim 4.95) (envelope-from ) id 1qxauq-000HaW-S2; Mon, 30 Oct 2023 23:39:25 +0100 cc: Zsh hackers list In-reply-to: From: Oliver Kiddle References: <652dee2ec786c_bbea62e6ad4f459a85503b@prd-scan-dashboard-0.mail> To: Bart Schaefer Subject: Re: Fwd: New Defects reported by Coverity Scan for zsh MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <67610.1698705564.1@hydra> Date: Mon, 30 Oct 2023 23:39:24 +0100 Message-ID: <67611-1698705564.862172@yJ0V.P_S_.gqjr> X-Seq: 52252 Archived-At: X-Loop: zsh-workers@zsh.org Errors-To: zsh-workers-owner@zsh.org Precedence: list Precedence: bulk Sender: zsh-workers-request@zsh.org X-no-archive: yes List-Id: List-Help: , List-Subscribe: , List-Unsubscribe: , List-Post: List-Owner: List-Archive: On 18 Oct, Bart Schaefer wrote: > > *** CID 1547827: Null pointer dereferences (FORWARD_NULL) > > /Src/Modules/pcre.c: 370 in bin_pcre_match() > > >>> Passing null pointer "named" to "zpcre_get_substrings", which dereferences it. > > This is from Oliver's 51738 (PCRE's alternative DFA), I'm not going to > interpret futher. The DFA matching doesn't support captures so I wouldn't expect it to find any. However it counts them at compile time rather than when matching so explicitly guarding against this condition probably is needed. Oliver diff --git a/Src/Modules/pcre.c b/Src/Modules/pcre.c index 96f3c6e65..f5cda6d38 100644 --- a/Src/Modules/pcre.c +++ b/Src/Modules/pcre.c @@ -187,7 +187,8 @@ zpcre_get_substrings(pcre2_code *pat, char *arg, pcre2_match_data *mdata, setaparam(substravar, matches); } - if (!pcre2_pattern_info(pat, PCRE2_INFO_NAMECOUNT, &ncount) && ncount + if (namedassoc + && !pcre2_pattern_info(pat, PCRE2_INFO_NAMECOUNT, &ncount) && ncount && !pcre2_pattern_info(pat, PCRE2_INFO_NAMEENTRYSIZE, &nsize) && !pcre2_pattern_info(pat, PCRE2_INFO_NAMETABLE, &ntable)) {