Module Name: src Committed By: rillig Date: Sun Jul 24 20:25:23 UTC 2022
Modified Files: src/usr.bin/make: parse.c src/usr.bin/make/unit-tests: parse.exp parse.mk Log Message: make: fix out-of-bounds read when parsing an invalid line Reported by Robert Morris in https://bugs.freebsd.org/265119. Since 2021-12-14. To generate a diff of this commit: cvs rdiff -u -r1.680 -r1.681 src/usr.bin/make/parse.c cvs rdiff -u -r1.2 -r1.3 src/usr.bin/make/unit-tests/parse.exp \ src/usr.bin/make/unit-tests/parse.mk Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files:
Index: src/usr.bin/make/parse.c
diff -u src/usr.bin/make/parse.c:1.680 src/usr.bin/make/parse.c:1.681
--- src/usr.bin/make/parse.c:1.680 Sun Jun 12 13:37:32 2022
+++ src/usr.bin/make/parse.c Sun Jul 24 20:25:23 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: parse.c,v 1.680 2022/06/12 13:37:32 rillig Exp $ */
+/* $NetBSD: parse.c,v 1.681 2022/07/24 20:25:23 rillig Exp $ */
 /*
 * Copyright (c) 1988, 1989, 1990, 1993
@@ -105,7 +105,7 @@
 #include "pathnames.h"
 /* "@(#)parse.c 8.3 (Berkeley) 3/19/94" */
-MAKE_RCSID("$NetBSD: parse.c,v 1.680 2022/06/12 13:37:32 rillig Exp $");
+MAKE_RCSID("$NetBSD: parse.c,v 1.681 2022/07/24 20:25:23 rillig Exp $");
 /*
 * A file being read.
@@ -1104,10 +1104,12 @@ ParseDependencyOp(char **pp)
 {
 if (**pp == '!')
 return (*pp)++, OP_FORCE;
- if ((*pp)[1] == ':')
+ if (**pp == ':' && (*pp)[1] == ':')
 return *pp += 2, OP_DOUBLEDEP;
- else
+ else if (**pp == ':')
 return (*pp)++, OP_DEPENDS;
+ else
+ return OP_NONE;
 }
 static void
@@ -1562,6 +1564,7 @@ ParseDependency(char *line)
 ParseSpecial special; /* in special targets, the children are
 * linked as children of the parent but not
 * vice versa */
+ GNodeType op;
 DEBUG1(PARSE, "ParseDependency(%s)\n", line);
 p = line;
@@ -1575,7 +1578,12 @@ ParseDependency(char *line)
 if (!Lst_IsEmpty(targets))
 CheckSpecialMundaneMixture(special);
- ApplyDependencyOperator(ParseDependencyOp(&p));
+ op = ParseDependencyOp(&p);
+ if (op == OP_NONE) {
+ InvalidLineType(line);
+ goto out;
+ }
+ ApplyDependencyOperator(op);
 pp_skip_whitespace(&p);
Index: src/usr.bin/make/unit-tests/parse.exp
diff -u src/usr.bin/make/unit-tests/parse.exp:1.2 src/usr.bin/make/unit-tests/parse.exp:1.3
--- src/usr.bin/make/unit-tests/parse.exp:1.2 Sat Jan 22 17:10:51 2022
+++ src/usr.bin/make/unit-tests/parse.exp Sun Jul 24 20:25:23 2022
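Review bot: ParseDependencyOp now has a third outcome that callers must handle, and nothing in the hunk documents it: when the input starts with neither `!` nor `:` it returns `OP_NONE` and leaves `*pp` where it was. A header comment would make that contract explicit, for example `/* Parse and skip the dependency operator at *pp; return OP_NONE without advancing if there is none. */`. The added `**pp == ':'` test is also what keeps `(*pp)[1]` from being read when `*pp` already points at the terminating `'\0'`, so a one-line why-comment on that condition would protect the guard from being simplified away later. The function's return type and any existing comment are above the hunk, so this may already be partly covered there.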
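Review bot: The new `goto out` in the `@@ -1575,7 +1578,12 @@` hunk leaves ParseDependency after the targets have been parsed and `CheckSpecialMundaneMixture` may already have run, so the error path relies on the `out` label to release whatever was built up by then. That label and its cleanup are outside the hunk and should be checked against the full function. It is also not obvious from the code how parsing can get this far without an operator, so a why-comment above the check would help, e.g. `/* The expanded line may end before any dependency operator, see unit-tests/parse.mk. */`.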
@@ -1,5 +1,6 @@
 make: "parse.mk" line 7: Makefile appears to contain unresolved CVS/RCS/??? merge conflicts
 make: "parse.mk" line 14: Makefile appears to contain unresolved CVS/RCS/??? merge conflicts
+make: "parse.mk" line 24: Invalid line type
 make: Fatal errors encountered -- cannot continue
 make: stopped in unit-tests
 exit status 1
Index: src/usr.bin/make/unit-tests/parse.mk
diff -u src/usr.bin/make/unit-tests/parse.mk:1.2 src/usr.bin/make/unit-tests/parse.mk:1.3
--- src/usr.bin/make/unit-tests/parse.mk:1.2 Sat Jan 22 17:10:51 2022
+++ src/usr.bin/make/unit-tests/parse.mk Sun Jul 24 20:25:23 2022
@@ -1,4 +1,4 @@
-# $NetBSD: parse.mk,v 1.2 2022/01/22 17:10:51 rillig Exp $
+# $NetBSD: parse.mk,v 1.3 2022/07/24 20:25:23 rillig Exp $
 #
 # Test those parts of the parsing that do not belong in any of the other
 # categories.
@@ -12,3 +12,13 @@
 # expect+1: Makefile appears to contain unresolved CVS/RCS/??? merge conflicts
 >>>>>> new
+
+
+# Since parse.c 1.578 from 2021-12-14 and before parse.c 1.681 from
+# 2022-07-24, if a line of a makefile could only be a dependency specification
+# but didn't contain any of the dependency operators ':', '!', '::' and its
+# expansion ended with a space, make read a single byte from the memory beyond
+# the expanded line's terminating '\0'.
+#
+# https://bugs.freebsd.org/265119
+one-target ${:U }
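Review bot: The regression line `one-target ${:U }` in the last parse.mk hunk has no `# expect+1:` annotation, unlike the merge-conflict case directly above it, so its link to the new `line 24: Invalid line type` entry in parse.exp is only implicit. Adding `# expect+1: Invalid line type` immediately before it would follow the file's existing convention. Because the defect was a one-byte read past the terminating `'\0'`, comparing output alone may not flag a reintroduction in every environment. Running this test in a build with a memory-error checker enabled would give a more dependable signal.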