| Age | Commit message (Collapse) | Author |
|---|
|
* Fix hwasan global overflow.
Crash found with https://source.android.com/devices/tech/debug/hwasan
but also detectable by regular ASan. Here's an ASan crash:
==215690==ERROR: AddressSanitizer: global-buffer-overflow on address
0x55d90f8da140 at pc 0x55d90f8b7503 bp 0x7ffd3dae6100 sp 0x7ffd3dae60f8
READ of size 4 at 0x55d90f8da140 thread T0
#0 0x55d90f8b7502 in word /tmp/awk/lex.c:496
#1 0x55d90f8b939f in yylex /tmp/awk/lex.c:191
#2 0x55d90f894ab9 in yyparse /tmp/awk/awkgram.tab.c:2366
#3 0x55d90f89edc2 in main /tmp/awk/main.c:216
#4 0x7ff263a78bba in __libc_start_main ../csu/libc-start.c:308
#5 0x55d90f8945a9 in _start (/tmp/awk/a.out+0x115a9)
0x55d90f8da141 is located 0 bytes to the right of global variable
'infunc' defined in 'awkgram.y:35:6' (0x55d90f8da140) of size 1
SUMMARY: AddressSanitizer: global-buffer-overflow /tmp/awk/lex.c:496 in word
Shadow bytes around the buggy address:
0x0abba1f133d0: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
0x0abba1f133e0: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
0x0abba1f133f0: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
0x0abba1f13400: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00
0x0abba1f13410: 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
=>0x0abba1f13420: 04 f9 f9 f9 f9 f9 f9 f9[01]f9 f9 f9 f9 f9 f9 f9
0x0abba1f13430: 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
0x0abba1f13440: 00 00 00 00 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9
0x0abba1f13450: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9
0x0abba1f13460: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9
0x0abba1f13470: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
And here's the stack trace from hwasan:
Stack Trace:
RELADDR FUNCTION FILE:LINE
00000000000168d4 word external/one-true-awk/lex.c:496:18
000000000002d1ec yyparse y.tab.c:2460:16
000000000001c82c main external/one-true-awk/main.c:179:2
00000000000b41a0 __libc_init bionic/libc/bionic/libc_init_dynamic.cpp:151:8
As it says, we're doing a 4-byte read from a 1-byte global.
`infunc` is declared as an int but defined as a bool.
Signed-off-by: Evgenii Stepanov <eugenis@google.com>
* Add ASan cflags to makefile.
They're not used by default, but this way they're easily to hand next
time they're wanted.
Bug: http://b/150168534
Test: treehugger
(cherry picked from commit 7b245a02668dcb9f9677b36f5745cfd07cc216bd)
Change-Id: I1302532f27970b3e73df6536238c2777798bd102
|
|
69b38a7b2d am: b449b2550c am: a8dca89194
Change-Id: I03638f7dfb56f76f3ff8ddd3e614deed18cd7daf
|
|
69b38a7b2d am: b449b2550c
Change-Id: I8a9bb47900a36c47d9347beb0613b822632dfd9b
|
|
Change-Id: Ibbe36fd1dd5cb5cd3f4a1d890794788a00ac7975
|
|
Test: None
Change-Id: I1deb6d8c9e61f129ee3cfe324eea796a5dc7b0c8
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Add a test for german case folding.
* Add a function to copy a string with a string with a larger allocation
(to be used by the case folding routines)
* Add printf attributes to the printf-like functions and fix one format
warning
* Cleanup the tempfree macro
* make more functions static
* rename fp to frp (FRame Pointer) to avoid shadowing with fp (File Pointer).
* add more const
* fix indent in UPLUS case
* add locale-aware case folding
* make nfiles size_t
* fix bugs in file closing:
- compare fclose to EOF and pclose to -1
- use nfiles instead of FOPEN_MAX in closeall
- don't close files we did not open (0,1,2) fpurge/fflush instead
* - use NUL instead of 0 for char comparisons
- add ISWS() macro
- use continue; instead of ;
* Check for existance of the german locale before using it.
* Add missing parentheses, thanks Arnold.
|
|
|
|
|
|
|
|
MB_CUR_MAX is the maximum number of bytes in a multibyte character
for the current locale, and might not be a constant expression.
MB_LEN_MAX is the maximum number of bytes in a multibyte character
for any locale, and always expands to a constant-expression.
|
|
|
|
|
|
* sprinkle const, static
* account for lineno in unput
* Add an EMPTY string that is used when a non-const empty string is needed.
* make inputFS static and dynamically allocated
* Simplify and in the process avoid -Wwritable-strings
* make fs const to avoid -Wwritable-strings
|
|
|
|
|
|
|
|
|
|
An input/output error indicates a fatal condition, even if it
occurs when closing a file. Awk should not return success on I/O
error, but treat I/O errors as it already treats write errors.
Test case:
$ (trap '' PIPE; awk 'BEGIN { print "hi"; }'; echo "E $?" >&2) | :
awk: i/o error occurred while closing /dev/stdout
source line number 1
E 2
The test case pipes a line into a dummy command that reads no
input, with SIGPIPE ignored so we rely on awk's own I/O checking.
No write error is detected, because the pipe is buffered; the
broken pipe is only detected as an I/O error on closing stdout.
Before this commit, "E 0" was printed (indicating status 0/success)
because an I/O error merely produced a warning. A shell script
was unable to detect the I/O error using the exit status.
|
|
On case-insensitive file systems (i.e.: macOS), T.concat and
t.concat are the same file, so these conflicted. This commit
renames T.concat to avoid the conflict.
|
|
2b2ca9f3fb am: 78cb1093df am: 7be0794073
Change-Id: I31b2a71bd29660973c47448599812f37d575c9a6
|
|
2b2ca9f3fb am: 78cb1093df
Change-Id: If30c3fa0bd004ab6a0f68d84de9e30b63edde767
|
|
am: 2b2ca9f3fb
Change-Id: I26ec1b0ffe5f7d2f805cf7c4ce5c719dcfe11d12
|
|
Test: None
Change-Id: Ic0ebc6c68e9b4244deff227c75065fd1a029430f
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Further simplify printf % parsing by eating the length specifiers
during the copy phase, and substitute 'j' when finalizing the format.
Add some more tests for this.
|
|
094c2ecf3b am: a625fe19ee am: cffae5c3d8
Change-Id: Ifc0a70da8f2766ee2b3628f1a9080232ee95d821
|
|
094c2ecf3b am: a625fe19ee
Change-Id: Iba74cf32ae69382e5acd33559258546cda3d2beb
|
|
am: 094c2ecf3b
Change-Id: I61e6a0cc3d8dddf138a59a40cc8e26df42ed73be
|
|
Test: None
Change-Id: Ia8f758e4a120ced4a161428b99144cf02041eac4
|
|
* Don't update gototab entries for HAT (corrupts memory)
|
|
|
|
* More cleanups:
- sprinkle const
- add a macro (setptr) that cheats const to temporarily NUL terminate strings
remove casts from allocations
- use strdup instead of strlen+strcpy
- use x = malloc(sizeof(*x)) instead of x = malloc(sizeof(type of *x)))
- add -Wcast-qual (and casts through unitptr_t in the two macros we
cheat (xfree, setptr)).
* More cleanups:
- add const
- use bounded sscanf
- use snprintf instead of sprintf
* More cleanup:
- use snprintf/strlcat instead of sprintf/strcat
- use %j instead of %l since we are casting to intmax_t/uintmax_t
* Merge the 3 copies of the code that evaluated array strings with separators
and convert them to keep track of lengths and use memcpy instead of strcat.
* Fix formats for 32 bit machines broken by previous commit.
We use intmax_t to provide maximum range for both 32 and 64 bit machines.
|
|
d804c3da82 am: ea265ccd63
am: 8a8e20ab0f
Change-Id: Ifa792795a88d8e1a1c78c8122185f7d1d99c083f
|
|
am: ea265ccd63
Change-Id: Ic2113bf73a86e7fff4f15d8c90c22c4ae7af604a
|
