gawk 3.1.4 bug in eval.c:r_tree_eval

From: Andrew J. Schorr
Subject: gawk 3.1.4 bug in eval.c:r_tree_eval
Date: Thu, 21 Apr 2005 14:13:46 -0400
User-agent: Mutt/1.4.1i


I believe there may be a bug in eval.c:r_tree_eval() in the case
Node_assign_concat section.  The existing code looks like this:

                if (l != r && (l->flags & PERM) == 0 && l->stref == 1) {
                        size_t nlen = l->stlen + r->stlen + 2;

                        erealloc(l->stptr, char *, nlen, "interpret");
                        memcpy(l->stptr + l->stlen, r->stptr, r->stlen);
                        l->stlen += r->stlen;
                } else {
                        char *nval;
                        size_t nlen = l->stlen + r->stlen + 2;

                        emalloc(nval, char *, nlen, "interpret");
                        memcpy(nval, l->stptr, l->stlen);
                        memcpy(nval + l->stlen, r->stptr, r->stlen);
                        *lhs = make_str_node(nval, l->stlen + r->stlen, 

The problem is in the "if" clause where the string is realloc'ed and
the new portion is appended: the '\0' character is not appended to
terminate the string.  The fix is simply to add a terminating '\0'
char; this gets valgrind and purify to stop complaining.

This is not a problem in the "else" clause because make_str_node
always adds the terminating '\0' char (even if ALREADY_MALLOCED).

A suggested patch is attached.  This has already been committed to
the extensible gawk CVS tree at http://sourceforge.net/projects/xmlgawk/.


Attachment: eval.patch
Description: Text document
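
Added example, not part of the original message and not gawk's code: a reduced C model of the in-place append in the quoted "if" branch, with and without the terminating '\0'. The struct, the function names and the POISON fill byte are assumptions made here; the fill byte stands in for whatever stale data realloc may return, so the missing terminator shows up the same way on every run.

```c
#include <stdlib.h>
#include <string.h>

#define POISON 0x5A /* constructed fill byte, stands in for stale heap data */

/* Hypothetical stand-in for gawk's NODE: only the fields the snippet uses. */
struct strnode { char *stptr; size_t stlen; };

/* Build a node with stlen + 2 bytes, terminated, slack byte poisoned. */
struct strnode make_node(const char *s)
{
    struct strnode n = { NULL, strlen(s) };
    n.stptr = malloc(n.stlen + 2);
    if (n.stptr == NULL) abort();
    memset(n.stptr, POISON, n.stlen + 2);
    memcpy(n.stptr, s, n.stlen);
    n.stptr[n.stlen] = '\0';
    return n;
}

/* In-place append shaped like the quoted "if" branch. terminate == 0 leaves
 * the buffer as the report describes; terminate != 0 writes the '\0'. */
int append_in_place(struct strnode *l, const struct strnode *r, int terminate)
{
    size_t old = l->stlen + 2;               /* assumed old allocation size */
    size_t nlen = l->stlen + r->stlen + 2;
    char *p = realloc(l->stptr, nlen);
    if (p == NULL) return -1;
    memset(p + old, POISON, nlen - old);     /* make new bytes deterministic */
    l->stptr = p;
    memcpy(l->stptr + l->stlen, r->stptr, r->stlen);
    l->stlen += r->stlen;
    if (terminate)
        l->stptr[l->stlen] = '\0';
    return 0;
}

/* 1 when the byte just past the string data is '\0'. */
int is_terminated(const struct strnode *n) { return n->stptr[n->stlen] == '\0'; }

int main(void)
{
    struct strnode r = make_node("bar");     /* constructed sample strings */
    struct strnode a = make_node("foo"), b = make_node("foo");
    if (append_in_place(&a, &r, 0) != 0 || append_in_place(&b, &r, 1) != 0)
        return 1;
    /* exit status 0: a lacks the terminator, b has it */
    return (!is_terminated(&a) && is_terminated(&b)) ? 0 : 1;
}
```

Without the terminator, any consumer that treats stptr as a C string (strlen, printf with %s) reads past stlen, which is the kind of access valgrind and purify flag.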
