CVS commit: src/usr.bin/make

Wed, 24 Aug 2022 13:22:19 -0700 

Module Name:    src
Committed By:   rillig
Date:           Wed Aug 24 20:22:10 UTC 2022

Modified Files:
        src/usr.bin/make: var.c
        src/usr.bin/make/unit-tests: varmod-defined.mk

Log Message:
make: fix out-of-bounds read when parsing the ':D' modifier

Since 2000-04-29, when the ':D' and ':U' modifiers were added.


To generate a diff of this commit:
cvs rdiff -u -r1.1029 -r1.1030 src/usr.bin/make/var.c
cvs rdiff -u -r1.12 -r1.13 src/usr.bin/make/unit-tests/varmod-defined.mk

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/usr.bin/make/var.c
diff -u src/usr.bin/make/var.c:1.1029 src/usr.bin/make/var.c:1.1030
--- src/usr.bin/make/var.c:1.1029	Tue Aug 23 19:22:01 2022
+++ src/usr.bin/make/var.c	Wed Aug 24 20:22:10 2022
@@ -1,4 +1,4 @@
-/*	$NetBSD: var.c,v 1.1029 2022/08/23 19:22:01 rillig Exp $	*/
+/*	$NetBSD: var.c,v 1.1030 2022/08/24 20:22:10 rillig Exp $	*/
 
 /*
  * Copyright (c) 1988, 1989, 1990, 1993
@@ -139,7 +139,7 @@
 #include "metachar.h"
 
 /*	"@(#)var.c	8.3 (Berkeley) 3/19/94" */
-MAKE_RCSID("$NetBSD: var.c,v 1.1029 2022/08/23 19:22:01 rillig Exp $");
+MAKE_RCSID("$NetBSD: var.c,v 1.1030 2022/08/24 20:22:10 rillig Exp $");
 
 /*
  * Variables are defined using one of the VAR=value assignments.  Their
@@ -2465,7 +2465,8 @@ ParseModifier_Defined(const char **pp, M
 		/* See Buf_AddEscaped in for.c. */
 		if (*p == '\\') {
 			char c = p[1];
-			if (IsDelimiter(c, ch) || c == '$' || c == '\\') {
+			if ((IsDelimiter(c, ch) && c != '\0') ||
+			    c == '$' || c == '\\') {
 				if (shouldEval)
 					LazyBuf_Add(buf, c);
 				p += 2;

Index: src/usr.bin/make/unit-tests/varmod-defined.mk
diff -u src/usr.bin/make/unit-tests/varmod-defined.mk:1.12 src/usr.bin/make/unit-tests/varmod-defined.mk:1.13
--- src/usr.bin/make/unit-tests/varmod-defined.mk:1.12	Tue Nov 30 23:52:19 2021
+++ src/usr.bin/make/unit-tests/varmod-defined.mk	Wed Aug 24 20:22:10 2022
@@ -1,4 +1,4 @@
-# $NetBSD: varmod-defined.mk,v 1.12 2021/11/30 23:52:19 rillig Exp $
+# $NetBSD: varmod-defined.mk,v 1.13 2022/08/24 20:22:10 rillig Exp $
 #
 # Tests for the :D variable modifier, which returns the given string
 # if the variable is defined.  It is closely related to the :U modifier.
@@ -104,5 +104,13 @@ VAR:=		${VAR:D${8_DOLLARS}}
 VAR:=		${VAR:@var@${8_DOLLARS}@}
 .MAKEFLAGS: -d0
 
-all:
-	@:;
+
+# Before var.c 1.1030 from 2022-08-24, the following expression caused an
+# out-of-bounds read when parsing the indirect ':D' modifier.
+M_U_backslash:=	${:UU\\}
+.if ${:${M_U_backslash}} != "\\"
+.  error
+.endif
+
+
+all: .PHONY

Reply via email to