bug-grep

bug#23983: [PATCH] grep: fix crash with a pattern of alternation of two


From: Eric Blake
Subject: bug#23983: [PATCH] grep: fix crash with a pattern of alternation of two same characters
Date: Thu, 14 Jul 2016 11:32:30 -0600
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0

On 07/14/2016 09:07 AM, Norihiro Tanaka wrote:
> Current master crashes with the following.
> 
> $ printf '0\n0' >pat
> $ printf '0\n' >in
> $ env LC_ALL=C grep -F pat in
> 
> grep -F uses memchr2() for each character in this pattern, but if the two
> characters are the same, the trie has no child.
> 

> +++ b/src/kwset.c
> @@ -643,8 +643,13 @@ memoff2_kwset (char const *s, size_t n, kwset_t kwset,
>  {
>    struct tree const *link = kwset->trie->links;
>    struct tree const *clink = link->llink ? link->llink : link->rlink;
> +  char const *mch;
> +
> +  if (clink)
> +    mch = memchr2 (s, link->label, clink->label, n);
> +  else
> +    mch = memchr (s, link->label, n);

So the crash is because clink can be NULL, not because memchr2() is
faulty.  Could you instead do:

struct tree const *clink = link->llink ? link->llink : link->rlink ?
link->rlink : link;

>  
> -  char const *mch = memchr2 (s, link->label, clink->label, n);
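
Review bot: in the added `if (clink)` / `else` block, nothing says when `clink` can be null, which is the whole reason for the branch. Add a short comment above it stating that `clink` is null when `link` has neither an `llink` nor an `rlink`, so only `link->label` needs to be searched for with `memchr`. The bare `char const *mch;` followed by two assignments could also be one initialized declaration using a conditional expression, so `mch` cannot be read unset if the branches are edited later. A regression test built from the reproducer in the message would keep this case covered.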

so that you end up passing link->label to both parameters of memchr2()
when there are no further children in the trie?


-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org
