[src/trunk]: src/usr.bin/make Fix out-of-bounds read in Str_Match.

[rillig <rillig%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/8bf2b228941b
branches:  trunk
changeset: 846814:8bf2b228941b
user:      rillig <rillig%NetBSD.org@localhost>
date:      Sun Dec 01 23:53:49 2019 +0000

description:
Fix out-of-bounds read in Str_Match.

diffstat:

 usr.bin/make/str.c                     |  8 +++++---
 usr.bin/make/unit-tests/varmod-edge.mk |  5 ++++-
 2 files changed, 9 insertions(+), 4 deletions(-)

diffs (54 lines):

diff -r 304e280fb233 -r 8bf2b228941b usr.bin/make/str.c
--- a/usr.bin/make/str.c        Sun Dec 01 23:14:47 2019 +0000
+++ b/usr.bin/make/str.c        Sun Dec 01 23:53:49 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: str.c,v 1.38 2017/04/21 22:15:44 sjg Exp $     */
+/*     $NetBSD: str.c,v 1.39 2019/12/01 23:53:49 rillig Exp $  */
 
 /*-
  * Copyright (c) 1988, 1989, 1990, 1993
@@ -69,14 +69,14 @@
  */
 
 #ifndef MAKE_NATIVE
-static char rcsid[] = "$NetBSD: str.c,v 1.38 2017/04/21 22:15:44 sjg Exp $";
+static char rcsid[] = "$NetBSD: str.c,v 1.39 2019/12/01 23:53:49 rillig Exp $";
 #else
 #include <sys/cdefs.h>
 #ifndef lint
 #if 0
 static char     sccsid[] = "@(#)str.c  5.8 (Berkeley) 6/1/90";
 #else
-__RCSID("$NetBSD: str.c,v 1.38 2017/04/21 22:15:44 sjg Exp $");
+__RCSID("$NetBSD: str.c,v 1.39 2019/12/01 23:53:49 rillig Exp $");
 #endif
 #endif                         /* not lint */
 #endif
@@ -407,6 +407,8 @@
                                return 0;
                        while ((*pattern != ']') && (*pattern != 0))
                                ++pattern;
+                       if (*pattern == 0)
+                               --pattern;
                        goto thisCharOK;
                }
                /*
diff -r 304e280fb233 -r 8bf2b228941b usr.bin/make/unit-tests/varmod-edge.mk
--- a/usr.bin/make/unit-tests/varmod-edge.mk    Sun Dec 01 23:14:47 2019 +0000
+++ b/usr.bin/make/unit-tests/varmod-edge.mk    Sun Dec 01 23:53:49 2019 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: varmod-edge.mk,v 1.4 2019/11/30 03:53:45 rillig Exp $
+# $NetBSD: varmod-edge.mk,v 1.5 2019/12/01 23:53:49 rillig Exp $
 #
 # Tests for edge cases in variable modifiers.
 #
@@ -67,6 +67,9 @@
 #
 # XXX: It is unexpected that no error is reported.
 # See str.c, function Str_Match.
+#
+# Before 2019-12-02, this test case triggered an out-of-bounds read
+# in Str_Match.
 TESTS+=                M-pat-err
 INP.M-pat-err= [ [[ [[[
 MOD.M-pat-err= ${INP.M-pat-err:M${:U[[}}