[src/trunk]: src/usr.bin/make make(1): fix undefined behavior in malformed :S...

[rillig <rillig%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/8afaf8eb9e6e
branches:  trunk
changeset: 936571:8afaf8eb9e6e
user:      rillig <rillig%NetBSD.org@localhost>
date:      Fri Jul 31 07:29:21 2020 +0000

description:
make(1): fix undefined behavior in malformed :S modifier

The unit tests failed on Ubuntu, and by looking closely at the code, it
was trivial to see the out-of-bounds memory read.

Other modifiers may have the same problem and will be inspected later.

diffstat:

 usr.bin/make/Makefile               |  12 +++++++++---
 usr.bin/make/unit-tests/moderrs.exp |   6 +++---
 usr.bin/make/var.c                  |  11 ++++++++---
 3 files changed, 20 insertions(+), 9 deletions(-)

diffs (90 lines):

diff -r eb0ceb990bdb -r 8afaf8eb9e6e usr.bin/make/Makefile
--- a/usr.bin/make/Makefile     Fri Jul 31 04:07:30 2020 +0000
+++ b/usr.bin/make/Makefile     Fri Jul 31 07:29:21 2020 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: Makefile,v 1.76 2020/07/29 20:57:31 rillig Exp $
+#      $NetBSD: Makefile,v 1.77 2020/07/31 07:29:21 rillig Exp $
 #      @(#)Makefile    5.2 (Berkeley) 12/28/90
 
 PROG=  make
@@ -8,11 +8,17 @@
 
 USE_COVERAGE?= no              # works only with gcc; clang9 fails to link
 .if ${USE_COVERAGE} == "yes"
-COPTS=         --coverage -O0 -ggdb
-LDADD=         --coverage
+COPTS+=                --coverage -O0 -ggdb
+LDADD+=                --coverage
 CLEANFILES+=   ${SRCS:.c=.gcda} ${SRCS:.c=.gcno} ${SRCS:=.gcov}
 .endif
 
+USE_UBSAN?=    no
+.if ${USE_UBSAN} == "yes"
+COPTS+=                -fsanitize=undefined
+LDADD+=                -fsanitize=undefined
+.endif
+
 USE_META?=     yes
 .if ${USE_META:tl} != "no"
 
diff -r eb0ceb990bdb -r 8afaf8eb9e6e usr.bin/make/unit-tests/moderrs.exp
--- a/usr.bin/make/unit-tests/moderrs.exp       Fri Jul 31 04:07:30 2020 +0000
+++ b/usr.bin/make/unit-tests/moderrs.exp       Fri Jul 31 07:29:21 2020 +0000
@@ -36,7 +36,7 @@
 make: Unclosed substitution for ! (! missing)
 
 mod-subst-delimiter:
-make: Unclosed substitution for VAR (@ missing)
+make: Missing delimiter for :S modifier
 
 make: Unclosed substitution for VAR (, missing)
 
@@ -49,8 +49,8 @@
 make: Unclosed variable specification (expecting '}') for "VAR" (value "TheVariable") modifier S
 TheVariable
 TheVariable
-make: Unclosed variable specification (expecting '}') for "VAR" (value "TheVariable") modifier S
-1: TheVariable
+make: Missing delimiter for :S modifier
+1:
 make: Unclosed substitution for VAR (, missing)
 2:
 make: Unclosed substitution for VAR (, missing)
diff -r eb0ceb990bdb -r 8afaf8eb9e6e usr.bin/make/var.c
--- a/usr.bin/make/var.c        Fri Jul 31 04:07:30 2020 +0000
+++ b/usr.bin/make/var.c        Fri Jul 31 07:29:21 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: var.c,v 1.358 2020/07/29 21:35:35 rillig Exp $ */
+/*     $NetBSD: var.c,v 1.359 2020/07/31 07:29:21 rillig Exp $ */
 
 /*
  * Copyright (c) 1988, 1989, 1990, 1993
@@ -69,14 +69,14 @@
  */
 
 #ifndef MAKE_NATIVE
-static char rcsid[] = "$NetBSD: var.c,v 1.358 2020/07/29 21:35:35 rillig Exp $";
+static char rcsid[] = "$NetBSD: var.c,v 1.359 2020/07/31 07:29:21 rillig Exp $";
 #else
 #include <sys/cdefs.h>
 #ifndef lint
 #if 0
 static char sccsid[] = "@(#)var.c      8.3 (Berkeley) 3/19/94";
 #else
-__RCSID("$NetBSD: var.c,v 1.358 2020/07/29 21:35:35 rillig Exp $");
+__RCSID("$NetBSD: var.c,v 1.359 2020/07/31 07:29:21 rillig Exp $");
 #endif
 #endif /* not lint */
 #endif
@@ -2395,6 +2395,11 @@
     ModifyWord_SubstArgs args;
     Boolean oneBigWord = st->oneBigWord;
     char delim = mod[1];
+    if (delim == '\0') {
+       Error("Missing delimiter for :S modifier");
+       st->next = mod + 1;
+       return AMR_CLEANUP;
+    }
 
     st->next = mod + 2;