grep branch, master, updated. v2.8-18-g0b91d69

grep-commit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

grep branch, master, updated. v2.8-18-g0b91d69

From:	Jim Meyering
Subject:	grep branch, master, updated. v2.8-18-g0b91d69
Date:	Fri, 17 Jun 2011 08:46:37 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "grep".

The branch, master has been updated
       via  0b91d6928e9d098d3746ce9f4bb4160a2e685f5c (commit)
      from  9d60e79a26787b742a1f075ac96195b111f68af0 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://git.savannah.gnu.org/cgit/grep.git/commit/?id=0b91d6928e9d098d3746ce9f4bb4160a2e685f5c


commit 0b91d6928e9d098d3746ce9f4bb4160a2e685f5c
Author: Jim Meyering <address@hidden>
Date:   Fri Jun 17 10:27:06 2011 +0200

    dfa: don't overrun a malloc'd buffer for certain regexps
    
    * src/dfa.c (dfaanalyze): Allocate space for twice as many
    positions as there are leaves.  Before this change, for some
    regular expressions, DFA analysis would have inserted far more
    "positions" than dfa->nleaves (up to double).
    Reported by Raymond Russell in http://savannah.gnu.org/bugs/?33547
    * tests/dfa-heap-overrun: Trigger the overrun.
    * tests/Makefile.am (TESTS): Add it.
    * NEWS (Bug fixes): Mention it.

diff --git a/NEWS b/NEWS
index d026448..3354d50 100644
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,9 @@ GNU grep NEWS                                    -*- outline -*-
 
 ** Bug fixes
 
+  grep no longer clobbers heap for an ERE like '(^| )*( |$)'
+  [bug introduced in grep-2.6]
+
   grep is faster on regular expressions that match multibyte characters
   in brackets (such as '[Ã¡Ã©ÃÃ³Ãº]').
 
diff --git a/src/dfa.c b/src/dfa.c
index 873530f..c32d679 100644
--- a/src/dfa.c
+++ b/src/dfa.c
@@ -2134,7 +2134,7 @@ dfaanalyze (struct dfa *d, int searchflag)
   MALLOC(lastpos, position, d->nleaves);
   o_lastpos = lastpos, lastpos += d->nleaves;
   CALLOC(nalloc, int, d->tindex);
-  MALLOC(merged.elems, position, d->nleaves);
+  MALLOC(merged.elems, position, 2 * d->nleaves);
 
   CALLOC(d->follows, position_set, d->tindex);
 
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 8d51727..1f0d2cf 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -46,6 +46,7 @@ TESTS =                                               \
   case-fold-char-range                         \
   case-fold-char-type                          \
   char-class-multibyte                         \
+  dfa-heap-overrun                             \
   dfaexec-multibyte                            \
   empty                                                \
   equiv-classes                                 \
@@ -103,7 +104,6 @@ MALLOC_PERTURB_ = 1
 TESTS_ENVIRONMENT =                            \
   tmp__=$$TMPDIR; test -d "$$tmp__" || tmp__=.;        \
   TMPDIR=$$tmp__; export TMPDIR;               \
-  exec 9>&2;                                   \
   shell_or_perl_() {                           \
     if grep '^\#!/usr/bin/perl' "$$1" > /dev/null; then                        
\
       if $(PERL) -e 'use warnings' > /dev/null 2>&1; then              \
@@ -141,6 +141,6 @@ TESTS_ENVIRONMENT =                         \
   PERL='$(PERL)'                               \
   SHELL='$(SHELL)'                             \
   PATH='$(abs_top_builddir)/src$(PATH_SEPARATOR)'"$$PATH" \
-  ; shell_or_perl_
+  ; shell_or_perl_ 9>&2
 
 VERBOSE = yes
diff --git a/tests/dfa-heap-overrun b/tests/dfa-heap-overrun
new file mode 100755
index 0000000..dda1c12
--- /dev/null
+++ b/tests/dfa-heap-overrun
@@ -0,0 +1,26 @@
+#!/bin/sh
+# Trigger a heap overrun in grep-2.6..grep-2.8.
+
+# Copyright (C) 2011 Free Software Foundation, Inc.
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+. "${srcdir=.}/init.sh"; path_prepend_ ../src
+
+fail=0
+
+grep -E '(^| )*(a|b)*(c|d)*( |$)' < /dev/null
+test $? = 1 || fail=1
+
+Exit $fail

-----------------------------------------------------------------------

Summary of changes:
 NEWS                                       |    3 +++
 src/dfa.c                                  |    2 +-
 tests/Makefile.am                          |    4 ++--
 tests/{high-bit-range => dfa-heap-overrun} |    8 +++-----
 4 files changed, 9 insertions(+), 8 deletions(-)
 copy tests/{high-bit-range => dfa-heap-overrun} (82%)
 mode change 100644 => 100755


hooks/post-receive
-- 
grep

[Prev in Thread]

Current Thread

[Next in Thread]

grep branch, master, updated. v2.8-18-g0b91d69, Jim Meyering <=

Prev by Date: grep branch, master, updated. v2.8-17-g9d60e79
Next by Date: grep branch, master, updated. v2.8-20-g2c6e32f
Previous by thread: grep branch, master, updated. v2.8-17-g9d60e79
Next by thread: grep branch, master, updated. v2.8-20-g2c6e32f
Index(es):
- Date
- Thread