diff options
author | jilles <jilles@FreeBSD.org> | 2010-07-25 22:25:52 +0000 |
---|---|---|
committer | jilles <jilles@FreeBSD.org> | 2010-07-25 22:25:52 +0000 |
commit | f8f703f788bf2b6449cbf8ba919cf78165514f0b (patch) | |
tree | 6c8676b01d33f6ffd8f9c8f3ba98c0f556da18cf /tools | |
parent | 0e1b75189b6d3ce284fe41e55aeff9c5357f6c2a (diff) | |
download | FreeBSD-src-f8f703f788bf2b6449cbf8ba919cf78165514f0b.zip FreeBSD-src-f8f703f788bf2b6449cbf8ba919cf78165514f0b.tar.gz |
sh: Fix crash due to uninitialized here-document.
If an ; or & token was followed by an EOF token, pending here-documents were
left uninitialized. Execution would crash, either in the main shell process
for literal here-documents or in a child process for expanded
here-documents. In the latter case the problem is hard to detect apart from
the core dumps and log messages.
Side effect: slightly different retries on inputs where EOF is not
persistent.
Note that tools/regression/bin/sh/parser/heredoc6.0 still causes a similar
crash in a child process. The text passed to eval is malformed and should be
rejected.
Diffstat (limited to 'tools')
-rw-r--r-- | tools/regression/bin/sh/parser/heredoc7.0 | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/tools/regression/bin/sh/parser/heredoc7.0 b/tools/regression/bin/sh/parser/heredoc7.0 new file mode 100644 index 0000000..a150106 --- /dev/null +++ b/tools/regression/bin/sh/parser/heredoc7.0 @@ -0,0 +1,19 @@ +# $FreeBSD$ + +# Some of these created malformed parse trees with null pointers for here +# documents, causing the here document writing process to segfault. +eval ': <<EOF' +eval ': <<EOF;' +eval '`: <<EOF`' +eval '`: <<EOF;`' +eval '`: <<EOF`;' +eval '`: <<EOF;`;' + +# Some of these created malformed parse trees with null pointers for here +# documents, causing sh to segfault. +eval ': <<\EOF' +eval ': <<\EOF;' +eval '`: <<\EOF`' +eval '`: <<\EOF;`' +eval '`: <<\EOF`;' +eval '`: <<\EOF;`;' |