Hello,
a static analyzer we use for Oracle Solaris recently discovered odd
if () test/condition in yylex() here sbin/pfctl/parse.y:
5279 } else if (c == '\\') {
5280 if ((next = lgetc(quotec)) == EOF)
5281 return (0);
5282 if (next == quotec || c == ' ' || c == '\t')
5283 c = next;
5284 else if (next == '\n') {
5285 file->lineno++;
5286 continue;
5287 } else
5288 lungetc(next);
The analyzer thinks the condition at line 5282 should be changed to
5282 if (next == quotec)
because earlier line at 5279 grants the variable c holds backslash,
therefore it can't contain space or tab. The simple change is tempting,
but let's check the history first. That particular line has been
introduced 10+ years ago with commit message as follows:
in the lex... even inside quotes, a \ followed by space or tab should
expand to space or tab, and a \ followed by newline should be ignored
(as a line continuation). compatible with the needs of hoststated
(which has the most strict quoted string requirements), and ifstated
(where one commonly does line continuations in strings).
Comment above makes me thinking the intended change looks as follows:
5282 if (next == quotec || next == ' ' || next == '\t')
Patch below fixes all yylex() functions I could find using simple
find ./ -name "parse.y"
OK?
thanks and
regards
sashan
--------8<---------------8<---------------8<------------------8<--------
diff --git a/sbin/iked/parse.y b/sbin/iked/parse.y
index 112049cdc6a..e3bb32d838e 100644
--- a/sbin/iked/parse.y
+++ b/sbin/iked/parse.y
@@ -1385,7 +1385,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/sbin/ipsecctl/parse.y b/sbin/ipsecctl/parse.y
index 4b8f84704cc..cb1cb0a488b 100644
--- a/sbin/ipsecctl/parse.y
+++ b/sbin/ipsecctl/parse.y
@@ -1182,7 +1182,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index 0791c9c01d7..69fddacd214 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@@ -5279,7 +5279,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/acme-client/parse.y b/usr.sbin/acme-client/parse.y
index bcc8325506a..feffaaee7a0 100644
--- a/usr.sbin/acme-client/parse.y
+++ b/usr.sbin/acme-client/parse.y
@@ -604,7 +604,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return 0;
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/bgpd/parse.y b/usr.sbin/bgpd/parse.y
index 9e2359f31a3..4d9ccc944eb 100644
--- a/usr.sbin/bgpd/parse.y
+++ b/usr.sbin/bgpd/parse.y
@@ -3106,7 +3106,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/dvmrpd/parse.y b/usr.sbin/dvmrpd/parse.y
index 65966206072..093566222b1 100644
--- a/usr.sbin/dvmrpd/parse.y
+++ b/usr.sbin/dvmrpd/parse.y
@@ -570,7 +570,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/eigrpd/parse.y b/usr.sbin/eigrpd/parse.y
index 1bb69f092c5..07316954ce1 100644
--- a/usr.sbin/eigrpd/parse.y
+++ b/usr.sbin/eigrpd/parse.y
@@ -819,7 +819,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/hostapd/parse.y b/usr.sbin/hostapd/parse.y
index b2736493ece..7bf8f9d40c1 100644
--- a/usr.sbin/hostapd/parse.y
+++ b/usr.sbin/hostapd/parse.y
@@ -1507,7 +1507,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/httpd/parse.y b/usr.sbin/httpd/parse.y
index 4851182f5cd..72410d5ef0e 100644
--- a/usr.sbin/httpd/parse.y
+++ b/usr.sbin/httpd/parse.y
@@ -1488,7 +1488,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/ifstated/parse.y b/usr.sbin/ifstated/parse.y
index 11577a6ca11..8540a46daa8 100644
--- a/usr.sbin/ifstated/parse.y
+++ b/usr.sbin/ifstated/parse.y
@@ -564,7 +564,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/iscsictl/parse.y b/usr.sbin/iscsictl/parse.y
index e86657fa633..b646b55487d 100644
--- a/usr.sbin/iscsictl/parse.y
+++ b/usr.sbin/iscsictl/parse.y
@@ -554,7 +554,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/ldapd/parse.y b/usr.sbin/ldapd/parse.y
index e33fea03a39..f8932145833 100644
--- a/usr.sbin/ldapd/parse.y
+++ b/usr.sbin/ldapd/parse.y
@@ -649,7 +649,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/ldomctl/parse.y b/usr.sbin/ldomctl/parse.y
index 359ff9a9e81..4d12d61fb8a 100644
--- a/usr.sbin/ldomctl/parse.y
+++ b/usr.sbin/ldomctl/parse.y
@@ -400,7 +400,8 @@ yylex(void)
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/ldpd/parse.y b/usr.sbin/ldpd/parse.y
index 5197bb0c368..8df22bd11cb 100644
--- a/usr.sbin/ldpd/parse.y
+++ b/usr.sbin/ldpd/parse.y
@@ -1042,7 +1042,8 @@ yylex(void)
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/lpd/parse.y b/usr.sbin/lpd/parse.y
index 324076cb4d3..aae2aec9735 100644
--- a/usr.sbin/lpd/parse.y
+++ b/usr.sbin/lpd/parse.y
@@ -424,7 +424,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/npppd/npppd/parse.y b/usr.sbin/npppd/npppd/parse.y
index ca620782175..4d8fd78b2f9 100644
--- a/usr.sbin/npppd/npppd/parse.y
+++ b/usr.sbin/npppd/npppd/parse.y
@@ -1231,7 +1231,8 @@ yylex(void)
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/ntpd/parse.y b/usr.sbin/ntpd/parse.y
index e30926b303e..a7127b4dc06 100644
--- a/usr.sbin/ntpd/parse.y
+++ b/usr.sbin/ntpd/parse.y
@@ -635,7 +635,8 @@ yylex(void)
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/ospf6d/parse.y b/usr.sbin/ospf6d/parse.y
index 6b5ff9591a3..4ead71a441f 100644
--- a/usr.sbin/ospf6d/parse.y
+++ b/usr.sbin/ospf6d/parse.y
@@ -815,7 +815,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/ospfd/parse.y b/usr.sbin/ospfd/parse.y
index 439ce8c831b..e8b291fc6d9 100644
--- a/usr.sbin/ospfd/parse.y
+++ b/usr.sbin/ospfd/parse.y
@@ -1009,7 +1009,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/rad/parse.y b/usr.sbin/rad/parse.y
index 8aedd2a499c..83ff6bdd799 100644
--- a/usr.sbin/rad/parse.y
+++ b/usr.sbin/rad/parse.y
@@ -626,7 +626,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/radiusd/parse.y b/usr.sbin/radiusd/parse.y
index 0b4a9b99368..e6895917365 100644
--- a/usr.sbin/radiusd/parse.y
+++ b/usr.sbin/radiusd/parse.y
@@ -563,7 +563,8 @@ yylex(void)
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/relayd/parse.y b/usr.sbin/relayd/parse.y
index c3fa2aef4dd..c0284855592 100644
--- a/usr.sbin/relayd/parse.y
+++ b/usr.sbin/relayd/parse.y
@@ -2519,7 +2519,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/ripd/parse.y b/usr.sbin/ripd/parse.y
index be6e1ede45c..bc78ff4d47e 100644
--- a/usr.sbin/ripd/parse.y
+++ b/usr.sbin/ripd/parse.y
@@ -595,7 +595,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/smtpd/parse.y b/usr.sbin/smtpd/parse.y
index c3177e3f058..fa00f6dc7a8 100644
--- a/usr.sbin/smtpd/parse.y
+++ b/usr.sbin/smtpd/parse.y
@@ -1852,7 +1852,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/snmpd/parse.y b/usr.sbin/snmpd/parse.y
index f9a878b7828..f50c5dfd529 100644
--- a/usr.sbin/snmpd/parse.y
+++ b/usr.sbin/snmpd/parse.y
@@ -835,7 +835,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/switchd/parse.y b/usr.sbin/switchd/parse.y
index 191e720e3a7..dc95947cc89 100644
--- a/usr.sbin/switchd/parse.y
+++ b/usr.sbin/switchd/parse.y
@@ -475,7 +475,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/vmd/parse.y b/usr.sbin/vmd/parse.y
index 545c7679049..73e4e353f62 100644
--- a/usr.sbin/vmd/parse.y
+++ b/usr.sbin/vmd/parse.y
@@ -942,7 +942,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/ypldap/parse.y b/usr.sbin/ypldap/parse.y
index 6048a3586c9..a6d647021bf 100644
--- a/usr.sbin/ypldap/parse.y
+++ b/usr.sbin/ypldap/parse.y
@@ -663,7 +663,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+ next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
