gawk 3.1.4 bug in eval.c:r_tree_eval
From: Andrew J. Schorr
Subject: gawk 3.1.4 bug in eval.c:r_tree_eval
Date: Thu, 21 Apr 2005 14:13:46 -0400
User-agent: Mutt/1.4.1i
Hi,
I believe there may be a bug in eval.c:r_tree_eval() in the case
Node_assign_concat section. The existing code looks like this:
    if (l != r && (l->flags & PERM) == 0 && l->stref == 1) {
        size_t nlen = l->stlen + r->stlen + 2;
        erealloc(l->stptr, char *, nlen, "interpret");
        memcpy(l->stptr + l->stlen, r->stptr, r->stlen);
        l->stlen += r->stlen;
    } else {
        char *nval;
        size_t nlen = l->stlen + r->stlen + 2;
        emalloc(nval, char *, nlen, "interpret");
        memcpy(nval, l->stptr, l->stlen);
        memcpy(nval + l->stlen, r->stptr, r->stlen);
        unref(*lhs);
        *lhs = make_str_node(nval, l->stlen + r->stlen,
                             ALREADY_MALLOCED);
    }
The problem is in the "if" clause where the string is realloc'ed and
the new portion is appended: the '\0' character is not appended to
terminate the string. The fix is simply to add a terminating '\0'
char; this gets valgrind and purify to stop complaining.
This is not a problem in the "else" clause because make_str_node
always adds the terminating '\0' char (even if ALREADY_MALLOCED).
A suggested patch is attached. This has already been committed to
the extensible gawk CVS tree at http://sourceforge.net/projects/xmlgawk/.
Regards,
Andy
eval.patch
Description: Text document
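The missing terminator described in the message above, as an added example that is not part of the original post, the attached patch, or the gawk sources. The `strnode` struct, `grow_poisoned()` and `append_in_place()` are hypothetical stand-ins for gawk's NODE and `erealloc`; the grown tail is filled with 0xAA so the effect is deterministic, whereas a real `realloc()` leaves it indeterminate.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the string fields of a gawk NODE. */
struct strnode {
    char  *stptr;   /* string bytes */
    size_t stlen;   /* length, not counting any terminator */
};

/* Grow buf to nlen bytes and poison the new tail with 0xAA.
 * Assumption for the demo: models realloc() returning garbage there. */
static char *grow_poisoned(char *buf, size_t oldlen, size_t nlen)
{
    char *p = malloc(nlen);
    if (p == NULL)
        abort();
    memset(p, 0xAA, nlen);
    memcpy(p, buf, oldlen);
    free(buf);
    return p;
}

/* In-place append shaped like the "if" clause. `terminate` selects whether
 * the '\0' described in the message is written after the appended bytes. */
static void append_in_place(struct strnode *l, const struct strnode *r, int terminate)
{
    size_t nlen = l->stlen + r->stlen + 2;
    l->stptr = grow_poisoned(l->stptr, l->stlen, nlen);
    memcpy(l->stptr + l->stlen, r->stptr, r->stlen);
    l->stlen += r->stlen;
    if (terminate)
        l->stptr[l->stlen] = '\0';
}

/* Append "bar" to "foo" (constructed sample input) and return the byte
 * found at stptr[stlen], where C string functions expect the terminator. */
static unsigned char byte_after_append(int terminate)
{
    struct strnode l, r = { (char *)"bar", 3 };
    unsigned char b;
    l.stlen = 3;
    if ((l.stptr = malloc(4)) == NULL)
        abort();
    memcpy(l.stptr, "foo", 4);
    append_in_place(&l, &r, terminate);
    b = (unsigned char)l.stptr[l.stlen];
    free(l.stptr);
    return b;
}

int main(void) { return byte_after_append(1) == 0 ? 0 : 1; }
```

Without the terminator, any later `strlen()` or `printf("%s")` on `stptr` reads past the logical end of the string, which is what valgrind and purify report.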