gawk-diffs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SCM] gawk branch, master, updated. gawk-4.1.0-4820-ge709eb82

From: Arnold Robbins
Subject: [SCM] gawk branch, master, updated. gawk-4.1.0-4820-ge709eb82
Date: Wed, 3 Aug 2022 06:01:13 -0400 (EDT) 
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "gawk".

The branch, master has been updated
       via  e709eb829448ce040087a3fc5481db6bfcaae212 (commit)
      from  e6aa63dc9292da6d94e6c706ee0a63b8506642d8 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://git.sv.gnu.org/cgit/gawk.git/commit/?id=e709eb829448ce040087a3fc5481db6bfcaae212

commit e709eb829448ce040087a3fc5481db6bfcaae212
Author: Arnold D. Robbins <arnold@skeeve.com>
Date:   Wed Aug 3 13:00:54 2022 +0300

    Smal bug fix in builtin.c.

diff --git a/ChangeLog b/ChangeLog
index b304a409..e5d1c51a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2022-08-03         Arnold D. Robbins     <arnold@skeeve.com>
+
+       * builtin.c (format_tree): When collecting positional field widths or
+       precisions, check for wrap around to negative values. Thanks to
+       YU Jiongchi <jcyu.2022@phdcs.smu.edu.sg> for the report.
+
 2022-07-29         Arnold D. Robbins     <arnold@skeeve.com>
 
        * builtin.c (efwrite): Check ferror() also, fixes some weird
diff --git a/builtin.c b/builtin.c
index 21125453..b92db992 100644
--- a/builtin.c
+++ b/builtin.c
@@ -1030,7 +1030,10 @@ check_pos:
                                        s1++;
                                        n0--;
                                }
-                               if (val >= num_args) {
+                               // val could be less than zero if someone 
provides a field width
+                               // so large that it causes integer overflow. 
Mainly fuzzers do this,
+                               // but let's try to be good anyway.
+                               if (val < 0 || val >= num_args) {
                                        toofew = true;
                                        break;
                                }

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog | 6 ++++++
 builtin.c | 5 ++++-
 2 files changed, 10 insertions(+), 1 deletion(-)


hooks/post-receive
-- 
gawk
reply via email to
[Prev in Thread] Current Thread [Next in Thread]