Re: [bug-gawk] Core dump in gawk 4.2.0
From: arnold
Subject: Re: [bug-gawk] Core dump in gawk 4.2.0
Date: Sun, 10 Dec 2017 10:02:35 -0700
User-agent: Heirloom mailx 12.4 7/29/08
Hi.
Thanks for sending in a bug report.
Jeremy Feusi <address@hidden> wrote:
> I am working on a project for school in which I use afl to find bugs in
> software and I decided to fuzz gawk. In doing so I discovered a segfault
> in r_interpret(). Running gdb it appears that on line 140 of interpret.h
> there is an attempt to access a null address.
> command:
> gawk '!_""' <file>
> where <file> is a file containing at least one character.
>
> result:
> gawk: cmd. line:1: (FILENAME=<file> FNR=1) fatal error: internal error
> Aborted (core dumped)
>
> I am using gawk 4.2.0 on arch linux.
> cheers
> Jeremy
The fix is below. I will get it into the Git repo shortly.
Thanks,
Arnold
---------------------------------------------------------------
diff --git a/awkgram.y b/awkgram.y
index 9f35143..bbc598d 100644
--- a/awkgram.y
+++ b/awkgram.y
@@ -1717,7 +1717,7 @@ non_post_simp_exp
} else {
if (do_optimize && $2->nexti == $2->lasti
&& $2->nexti->opcode == Op_push_i
- && ($2->nexti->memory->flags &
(MPFN|MPZN)) == 0
+ && ($2->nexti->memory->flags &
(MPFN|MPZN|INTLSTR)) == 0
) {
NODE *n = $2->nexti->memory;
if ((n->flags & STRING) != 0) {
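Review bot: the widened mask `(MPFN|MPZN|INTLSTR)` in the `do_optimize` condition has no comment saying why INTLSTR constants are kept out of this branch, so a later cleanup could drop the flag again. Suggest a one-line comment above the condition noting that translatable strings such as `_""` (the reporter's `!_""` case) must not take this path, and adding that one-liner to the test suite, since the patch as posted carries no test. If other rules in awkgram.y use the same `(MPFN|MPZN)` test, which is not visible in this hunk, they are worth checking for the same omission.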