CVS commit: src/usr.bin/make

Wed, 24 Aug 2022 14:04:09 -0700 

Module Name:    src
Committed By:   rillig
Date:           Wed Aug 24 21:03:57 UTC 2022

Modified Files:
        src/usr.bin/make: var.c
        src/usr.bin/make/unit-tests: varmod-match.mk

Log Message:
make: fix out-of-bounds read when parsing the ':M' modifier

Since at least 2009-01-17, probably already since 2006-02-18, when
modifiers were allowed to be nested expressions.


To generate a diff of this commit:
cvs rdiff -u -r1.1030 -r1.1031 src/usr.bin/make/var.c
cvs rdiff -u -r1.11 -r1.12 src/usr.bin/make/unit-tests/varmod-match.mk

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/usr.bin/make/var.c
diff -u src/usr.bin/make/var.c:1.1030 src/usr.bin/make/var.c:1.1031
--- src/usr.bin/make/var.c:1.1030	Wed Aug 24 20:22:10 2022
+++ src/usr.bin/make/var.c	Wed Aug 24 21:03:57 2022
@@ -1,4 +1,4 @@
-/*	$NetBSD: var.c,v 1.1030 2022/08/24 20:22:10 rillig Exp $	*/
+/*	$NetBSD: var.c,v 1.1031 2022/08/24 21:03:57 rillig Exp $	*/
 
 /*
  * Copyright (c) 1988, 1989, 1990, 1993
@@ -139,7 +139,7 @@
 #include "metachar.h"
 
 /*	"@(#)var.c	8.3 (Berkeley) 3/19/94" */
-MAKE_RCSID("$NetBSD: var.c,v 1.1030 2022/08/24 20:22:10 rillig Exp $");
+MAKE_RCSID("$NetBSD: var.c,v 1.1031 2022/08/24 21:03:57 rillig Exp $");
 
 /*
  * Variables are defined using one of the VAR=value assignments.  Their
@@ -2740,7 +2740,7 @@ ParseModifier_Match(const char **pp, con
 	int nest = 0;
 	const char *p;
 	for (p = mod + 1; *p != '\0' && !(*p == ':' && nest == 0); p++) {
-		if (*p == '\\' &&
+		if (*p == '\\' && p[1] != '\0' &&
 		    (IsDelimiter(p[1], ch) || p[1] == ch->startc)) {
 			if (!needSubst)
 				copy = true;

Index: src/usr.bin/make/unit-tests/varmod-match.mk
diff -u src/usr.bin/make/unit-tests/varmod-match.mk:1.11 src/usr.bin/make/unit-tests/varmod-match.mk:1.12
--- src/usr.bin/make/unit-tests/varmod-match.mk:1.11	Sat Jun 11 09:15:49 2022
+++ src/usr.bin/make/unit-tests/varmod-match.mk	Wed Aug 24 21:03:57 2022
@@ -1,4 +1,4 @@
-# $NetBSD: varmod-match.mk,v 1.11 2022/06/11 09:15:49 rillig Exp $
+# $NetBSD: varmod-match.mk,v 1.12 2022/08/24 21:03:57 rillig Exp $
 #
 # Tests for the :M variable modifier, which filters words that match the
 # given pattern.
@@ -280,3 +280,13 @@ n=	2
 .if ${PRIMES:M${:U2}} != "2"
 .  error
 .endif
+
+
+# Before var.c 1.1031 from 2022-08-24, the following expressions caused an
+# out-of-bounds read beyond the indirect ':M' modifiers.
+.if ${:U:${:UM\\}}		# The ':M' pattern need not be unescaped, the
+.  error			# resulting pattern is '\', it never matches
+.endif				# anything.
+.if ${:U:${:UM\\\:\\}}		# The ':M' pattern must be unescaped, the
+.  error			# resulting pattern is ':\', it never matches
+.endif				# anything.

Reply via email to