From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.3 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,UNPARSEABLE_RELAY autolearn=ham
	autolearn_force=no version=3.4.4
Received: (qmail 13189 invoked from network); 4 Apr 2021 06:38:58 -0000
Received: from zero.zsh.org (2a02:898:31:0:48:4558:7a:7368)
  by inbox.vuxu.org with ESMTPUTF8; 4 Apr 2021 06:38:58 -0000
ARC-Seal: i=1; cv=none; a=rsa-sha256; d=zsh.org; s=rsa-20200801; t=1617518338;
	 b=XRNXm8PCU6MdmISuMhD43szDeIUE6z6QecahqOm35vD0Tc9hgtkYZKdsadYitvvl8iWOZyitNK
	  jwjEY2wf1CmBcjk6uaxBhhEMZjcmla8wAmpNfL3Oh81h9cXRhnqeXbqHK7BcB2YsB4FTssk6U9
	  1mwubdNvsE3u1qxc/0hOLg4HUqgTGjSiNRgM61EJvrfyRj6aWFdtJKY2MMVhduJgXv45SsJz5h
	  hma4iTnwanpxr2YBRKtr6L13a9xtIR92ev5ZslB15kP94B90so3n7ZL0GXKQ+0CIUo2UbAPjlr
	  Fj/XdxuOOG5kUOhV0juZFqWjHVxIS0/D+j26us04iLJ9Pw==;
ARC-Authentication-Results: i=1; zsh.org;
	iprev=pass (snd00013-bg.im.kddi.ne.jp) smtp.remote-ip=27.86.113.13;
	dmarc=none header.from=kba.biglobe.ne.jp;
	arc=none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed; d=zsh.org; s=rsa-20200801; t=1617518338;
	bh=vfA7z4MRoDE7ZPsJHzVavZBoWER4mS0kQ4XQs49F2Jo=;
	h=List-Archive:List-Owner:List-Post:List-Unsubscribe:List-Subscribe:List-Help:
	  List-Id:Sender:Message-ID:In-Reply-To:To:References:Date:Subject:
	  MIME-Version:Content-Transfer-Encoding:Content-Type:From:DKIM-Signature;
	b=JjvZdMc0fF8Le3EOSDeuMCWUIBFTTXb8YIxlEVNPJ6UuYE0fJSu6302KIw23bARS09o9zQkiDx
	  9lvzcrq0qgUW6MsFGRFU8eRjTE9cdbtZrCuThfCFQPUdnTaX1GWHr7r4WYr7CFSDtxDttRIQpU
	  EX1v1UBb8NeDqfe/TqiFSI5kYoWV3yCedVk1UbFxG4bFgyYid2bVU82P8utKoo9o7UW4BS2ynb
	  R9pFLpWLCf7d2c4+sW+qMk+UZzSR52qhXz5rVcwsHbfW9GTm0oDI/vdeAjxGoBVK3SZgOa66/9
	  /rznDFDD7TOsBYNuDeX7NYe04xGsDcCiojH3SXremvBL2w==;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=zsh.org;
	s=rsa-20200801; h=List-Archive:List-Owner:List-Post:List-Unsubscribe:
	List-Subscribe:List-Help:List-Id:Sender:Message-Id:In-Reply-To:To:References:
	Date:Subject:Mime-Version:Content-Transfer-Encoding:Content-Type:From:
	Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From:
	Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID;
	bh=qfJkykxGmdLYdVGZlb3TZrbUFQXRM5z/SWFSfHYSpTI=; b=k7bj1lZeOJ6VcN3WtWaqbZby34
	kR59s+NUNtNteT7QcWSeEC/FRZCq0ZSmKVI1qd/3NhKjRZiCi/kp6aB/bFn/B/qj5UgzETVRwhwil
	EHpRiRJccuT+mEVUswST1EGmKZjc8Ryn03BO+7gZWzvc5rEYHRLRI7BnidZH0AQCaugAoVnAduWlT
	XluEm4ZvGb74CHJQCRO+DuOjxVSw5eiQ4Nsg5iKEwsOQJLassLqzST4BEV7kW7X0w2SlpdSJfFvmP
	N7nKJVRSTNpBZ6wY1u1sG/3jJ/wy16IDwdSVfELX21F7ckb9gghow2tfYZDclB4hC6F7h/UkSisIm
	h9Mw4x5Q==;
Received: from authenticated user by zero.zsh.org with local 
	id 1lSwPR-000GoJ-9O; Sun, 04 Apr 2021 06:38:57 +0000
Authentication-Results: zsh.org;
	iprev=pass (snd00013-bg.im.kddi.ne.jp) smtp.remote-ip=27.86.113.13;
	dmarc=none header.from=kba.biglobe.ne.jp;
	arc=none
Received: from snd00013-bg.im.kddi.ne.jp ([27.86.113.13]:34752 helo=omta0015.biglobe.ne.jp)
	by zero.zsh.org with esmtp 
	id 1lSwP6-000Geh-2t; Sun, 04 Apr 2021 06:38:37 +0000
Received: from mail.biglobe.ne.jp by omta0015.biglobe.ne.jp with ESMTP
          id <20210404063831734.JSXF.63715.mail.biglobe.ne.jp@biglobe.ne.jp>
          for <zsh-workers@zsh.org>; Sun, 4 Apr 2021 15:38:31 +0900
From: "Jun. T" <takimoto-j@kba.biglobe.ne.jp>
Content-Type: text/plain;
	charset=utf-8
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.17\))
Subject: Re: [PATCH 1/3] src: fix build warnings
Date: Sun, 4 Apr 2021 15:38:31 +0900
References: <20201231054131.682544-1-felipe.contreras@gmail.com>
 <20201231054131.682544-2-felipe.contreras@gmail.com>
 <8591b9d9-f2f0-4045-b8e2-d1b759a360c0@www.fastmail.com>
 <CAHYJk3QvTvjtvQFRfbn+r9S3f4mBC6Pfef6exG4HSE5BrU9EHg@mail.gmail.com>
 <CAMP44s05KAVSWP90NeZ5DnUOSTkKF4eEmFJqHCDxn6ERuG5BjQ@mail.gmail.com>
 <20210104051448.083bb483@tarpaulin.shahaf.local2>
 <36b56560-ba73-496b-b9b4-54d928a23b8f@www.fastmail.com>
To: zsh-workers@zsh.org
In-Reply-To: <36b56560-ba73-496b-b9b4-54d928a23b8f@www.fastmail.com>
Message-Id: <B88FE671-F35E-4656-A65C-8824129BB53C@kba.biglobe.ne.jp>
X-Mailer: Apple Mail (2.3445.104.17)
X-Biglobe-Sender: takimoto-j@kba.biglobe.ne.jp
X-Seq: 48389
Archived-At: <https://zsh.org/workers/48389>
X-Loop: zsh-workers@zsh.org
Errors-To: zsh-workers-owner@zsh.org
Precedence: list
Precedence: bulk
Sender: zsh-workers-request@zsh.org
X-no-archive: yes
List-Id: <zsh-workers.zsh.org>
List-Help: <mailto:sympa@zsh.org?subject=help>
List-Subscribe: <mailto:sympa@zsh.org?subject=subscribe%20zsh-workers>
List-Unsubscribe: <mailto:sympa@zsh.org?subject=unsubscribe%20zsh-workers>
List-Post: <mailto:zsh-workers@zsh.org>
List-Owner: <mailto:zsh-workers-request@zsh.org>
List-Archive: <http://www.zsh.org/sympa/arc/zsh-workers>
Archived-At: <http://www.zsh.org/sympa/arcsearch_id/zsh-workers/2021-04/B88FE671-F35E-4656-A65C-8824129BB53C%40kba.biglobe.ne.jp>

I've pushed the patch for pattern.c.

> 2021/03/28 4:28, Lawrence Vel=C3=A1zquez <vq@larryv.me> wrote:
>=20
> On Mon, Jan 4, 2021, at 12:14 AM, Daniel Shahaf wrote:
>> Felipe Contreras wrote on Sat, 02 Jan 2021 12:30 -0600:
>>> The best fix is to allocate one byte, especially if it's going to be
>>> freed later on.
>>=20
>> Yes, please revise the patch to allocate byte(s) from the heap as
>> needed.  (See comments at the top of mem.c, and, for instance,
>> dupstring() v. ztrdup().)
>=20
> Any plans to send a revised patch?


utils.c is more complicated.

getkeystring() returns a pointer to a string allocated from heap if
GETKEY_SINGLE_CHAR is not set.

But if it is set, it tries to find a next character (possibly multibyte)
in the given string, and returns the pointer to the byte following
the found character in the string.
There is no problem (aside from the compiler warning) if it finds the
next character.

But getkeystring() does return the pointer to tmp[] if it can't find
a next character.

Currently, GETKEY_SINGLE_CHAR is used only in one place in the zsh
source code; line 850 in math.c, in function zzlex():

                    ptr =3D getkeystring(ptr, NULL, GETKEYS_MATH, &v);

    GETKEYS_MATH is defined as
	(GETKEY_OCTAL_ESC|GETKEY_EMACS|GETKEY_CTRL|GETKEY_SINGLE_CHAR)

The code is used for finding a character after ## in arithmetic =
evaluation.
For example,

% echo $((##\M))
0

in this case 'ptr' does points to tmp[], and continues to be used for
further parsing. Although it seems we do not get coredump, I think this
needs be fixed.

In the patch below, I modified getkeystring() to return NULL if it can't
find the next character, and math.h to check the return value.



diff --git a/Src/math.c b/Src/math.c
index b57ba42d4..1d0d86639 100644
--- a/Src/math.c
+++ b/Src/math.c
@@ -840,13 +840,18 @@ zzlex(void)
 	    if (*ptr =3D=3D '#') {
 		if (*++ptr =3D=3D '\\' || *ptr =3D=3D '#') {
 		    int v;
+		    char *optr =3D ptr;
=20
 		    ptr++;
 		    if (!*ptr) {
 			zerr("bad math expression: character missing =
after ##");
 			return EOI;
 		    }
-		    ptr =3D getkeystring(ptr, NULL, GETKEYS_MATH, &v);
+		    if(!(ptr =3D getkeystring(ptr, NULL, GETKEYS_MATH, =
&v))) {
+			zerr("bad math expression: bad character after =
##");
+			ptr =3D optr;
+			return EOI;
+		    }
 		    yyval.u.l =3D v;
 		    return NUM;
 		}
diff --git a/Src/utils.c b/Src/utils.c
index 1ac064a4e..5a9222919 100644
--- a/Src/utils.c
+++ b/Src/utils.c
@@ -6697,13 +6697,21 @@ ucs4toutf8(char *dest, unsigned int wval)
  *
  * The return value is unmetafied unless GETKEY_DOLLAR_QUOTE is
  * in use.
+ *
+ * If GETKEY_SINGLE_CHAR is set in how, a next character in the given
+ * string is parsed, and the character code for it is returned in misc.
+ * The return value of the function is a pointer to the byte in the
+ * given string from where the next parsing should start. If the next
+ * character can't be found then NULL is returned.
+ * CAUTION: Currently, GETKEY_SINGLE_CHAR can be used only via
+ *          GETKEYS_MATH. Other use of it may cause trouble.
  */
=20
 /**/
 mod_export char *
 getkeystring(char *s, int *len, int how, int *misc)
 {
-    char *buf, tmp[1];
+    char *buf =3D NULL, tmp[1];
     char *t, *tdest =3D NULL, *u =3D NULL, *sstart =3D s, *tbuf =3D =
NULL;
     char svchar =3D '\0';
     int meta =3D 0, control =3D 0, ignoring =3D 0;
@@ -6729,9 +6737,11 @@ getkeystring(char *s, int *len, int how, int =
*misc)
     DPUTS((how & (GETKEY_DOLLAR_QUOTE|GETKEY_SINGLE_CHAR)) =3D=3D
 	  (GETKEY_DOLLAR_QUOTE|GETKEY_SINGLE_CHAR),
 	  "BUG: incompatible options in getkeystring");
+    DPUTS((how & GETKEY_SINGLE_CHAR) && (how !=3D GETKEYS_MATH),
+	  "BUG: unsupported options in getkeystring");
=20
     if (how & GETKEY_SINGLE_CHAR)
-	t =3D buf =3D tmp;
+	t =3D tmp;
     else {
 	/* Length including terminating NULL */
 	int maxlen =3D 1;
@@ -7165,13 +7175,20 @@ getkeystring(char *s, int *len, int how, int =
*misc)
      */
     DPUTS((how & (GETKEY_DOLLAR_QUOTE|GETKEY_UPDATE_OFFSET)) =3D=3D
 	  GETKEY_DOLLAR_QUOTE, "BUG: unterminated $' substitution");
-    *t =3D '\0';
-    if (how & GETKEY_DOLLAR_QUOTE)
-	*tdest =3D '\0';
-    if (how & GETKEY_SINGLE_CHAR)
+
+    if (how & GETKEY_SINGLE_CHAR) {
+	/* couldn't find a character */
 	*misc =3D 0;
-    else
-	*len =3D ((how & GETKEY_DOLLAR_QUOTE) ? tdest : t) - buf;
+	return NULL;
+    }
+    if (how & GETKEY_DOLLAR_QUOTE) {
+	*tdest =3D '\0';
+	*len =3D tdest - buf;
+    }
+    else {
+	*t =3D '\0';
+	*len =3D t - buf;
+    }
     return buf;
 }
=20