CVS commit: src

Roland Illig Sat, 21 Jan 2023 00:04:55 -0800

Module Name:    src
Committed By:   rillig
Date:           Sat Jan 21 08:04:43 UTC 2023


Modified Files:
        src/tests/usr.bin/xlint/lint1: gcc_typeof.c
        src/usr.bin/xlint/lint1: cgram.y

Log Message:
lint: fix null pointer dereference on invalid argument to __typeof__


To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 src/tests/usr.bin/xlint/lint1/gcc_typeof.c
cvs rdiff -u -r1.426 -r1.427 src/usr.bin/xlint/lint1/cgram.y

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/tests/usr.bin/xlint/lint1/gcc_typeof.c
diff -u src/tests/usr.bin/xlint/lint1/gcc_typeof.c:1.4 src/tests/usr.bin/xlint/lint1/gcc_typeof.c:1.5
--- src/tests/usr.bin/xlint/lint1/gcc_typeof.c:1.4	Sun Apr 10 12:14:10 2022
+++ src/tests/usr.bin/xlint/lint1/gcc_typeof.c	Sat Jan 21 08:04:43 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: gcc_typeof.c,v 1.4 2022/04/10 12:14:10 rillig Exp $	*/
+/*	$NetBSD: gcc_typeof.c,v 1.5 2023/01/21 08:04:43 rillig Exp $	*/
 # 3 "gcc_typeof.c"
 
 /*
@@ -41,3 +41,16 @@ cast(double(*fn)(double))
  */
 int *volatile lock;
 const volatile __typeof__(lock) *lock_pointer = &lock;
+
+/*
+ * Before cgram.y 1.427 from 2023-01-21, lint crashed due to a null pointer
+ * dereference if the __typeof__ operator had an invalid argument.  Seen in
+ * _fc_atomic_ptr_cmpexch from fontconfig, which uses <stdatomic.h> provided
+ * by GCC, which in turn uses __auto_type and __typeof__, and lint doesn't
+ * know about __auto_type.
+ */
+void _fc_atomic_ptr_cmpexch(void)
+{
+	/* expect+1: error: 'expr' undefined [99] */
+	__typeof__ (expr) var = 0;
+}

Index: src/usr.bin/xlint/lint1/cgram.y
diff -u src/usr.bin/xlint/lint1/cgram.y:1.426 src/usr.bin/xlint/lint1/cgram.y:1.427
--- src/usr.bin/xlint/lint1/cgram.y:1.426	Sun Jan 15 00:05:38 2023
+++ src/usr.bin/xlint/lint1/cgram.y	Sat Jan 21 08:04:43 2023
@@ -1,5 +1,5 @@
 %{
-/* $NetBSD: cgram.y,v 1.426 2023/01/15 00:05:38 rillig Exp $ */
+/* $NetBSD: cgram.y,v 1.427 2023/01/21 08:04:43 rillig Exp $ */
 
 /*
  * Copyright (c) 1996 Christopher G. Demetriou.  All Rights Reserved.
@@ -35,7 +35,7 @@
 
 #include <sys/cdefs.h>
 #if defined(__RCSID)
-__RCSID("$NetBSD: cgram.y,v 1.426 2023/01/15 00:05:38 rillig Exp $");
+__RCSID("$NetBSD: cgram.y,v 1.427 2023/01/21 08:04:43 rillig Exp $");
 #endif
 
 #include <limits.h>
@@ -850,7 +850,7 @@ notype_type_specifier:		/* see C99 6.7.2
 		$$ = gettyp($1);
 	  }
 	| T_TYPEOF T_LPAREN expression T_RPAREN {	/* GCC extension */
-		$$ = block_dup_type($3->tn_type);
+		$$ = $3 != NULL ? block_dup_type($3->tn_type) : gettyp(INT);
 		$$->t_typeof = true;
 	  }
 	| struct_or_union_specifier {

CVS commit: src

Reply via email to