bug#75606: undefined behaviour in sort.c

Paul Eggert Thu, 16 Jan 2025 09:25:47 -0800

Thanks for reporting that. I installed the attached to fix it.

From e07161d4af89dbf82311ca396ac0916aa90b7301 Mon Sep 17 00:00:00 2001
From: Paul Eggert <egg...@cs.ucla.edu>
Date: Thu, 16 Jan 2025 09:20:45 -0800
Subject: [PATCH] sort: fix --debug buffer overrun


* src/sort.c (debug_key): Fix undefined behavior when a key ends
before it starts.  Problem reported by Bruno Haible
<https://bugs.gnu.org/75606>.
---
 src/sort.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/sort.c b/src/sort.c
index 997566240..0928fd57c 100644
--- a/src/sort.c
+++ b/src/sort.c
@@ -2373,7 +2373,11 @@ debug_key (struct line const *line, struct keyfield const *key)
       if (key->sword != SIZE_MAX)
         beg = begfield (line, key);
       if (key->eword != SIZE_MAX)
-        lim = limfield (line, key);
+        {
+          lim = limfield (line, key);
+          /* Treat field ends before field starts as empty fields.  */
+          lim = MAX (beg, lim);
+        }
 
       if ((key->skipsblanks && key->sword == SIZE_MAX)
           || key->month || key_numeric (key))
-- 
2.45.2

bug#75606: undefined behaviour in sort.c

Reply via email to