From 44e7abbf6884e2a6e1c48291fffbd126869c0db6 Mon Sep 17 00:00:00 2001 From: schwarze Date: Thu, 1 Jan 2015 15:34:43 +0000 Subject: [PATCH] Don't dereference NULL pointers when formatting missing denominators, subscripts, superscripts, or "from" or "to" arguments. Found by jsg@ with afl. --- regress/usr.bin/mandoc/eqn/fromto/Makefile | 6 +++--- regress/usr.bin/mandoc/eqn/fromto/noarg.in | 12 +++++++++++ .../usr.bin/mandoc/eqn/fromto/noarg.out_ascii | 9 ++++++++ .../usr.bin/mandoc/eqn/fromto/noarg.out_html | 1 + regress/usr.bin/mandoc/eqn/over/Makefile | 7 ++++--- regress/usr.bin/mandoc/eqn/over/noarg.in | 12 +++++++++++ .../usr.bin/mandoc/eqn/over/noarg.out_ascii | 9 ++++++++ .../usr.bin/mandoc/eqn/over/noarg.out_html | 1 + .../usr.bin/mandoc/eqn/over/noarg.out_lint | 1 + regress/usr.bin/mandoc/eqn/subsup/Makefile | 6 +++--- regress/usr.bin/mandoc/eqn/subsup/noarg.in | 12 +++++++++++ .../usr.bin/mandoc/eqn/subsup/noarg.out_ascii | 9 ++++++++ .../usr.bin/mandoc/eqn/subsup/noarg.out_html | 1 + usr.bin/mandoc/eqn_term.c | 21 +++++++++++-------- 14 files changed, 89 insertions(+), 18 deletions(-) create mode 100644 regress/usr.bin/mandoc/eqn/fromto/noarg.in create mode 100644 regress/usr.bin/mandoc/eqn/fromto/noarg.out_ascii create mode 100644 regress/usr.bin/mandoc/eqn/fromto/noarg.out_html create mode 100644 regress/usr.bin/mandoc/eqn/over/noarg.in create mode 100644 regress/usr.bin/mandoc/eqn/over/noarg.out_ascii create mode 100644 regress/usr.bin/mandoc/eqn/over/noarg.out_html create mode 100644 regress/usr.bin/mandoc/eqn/over/noarg.out_lint create mode 100644 regress/usr.bin/mandoc/eqn/subsup/noarg.in create mode 100644 regress/usr.bin/mandoc/eqn/subsup/noarg.out_ascii create mode 100644 regress/usr.bin/mandoc/eqn/subsup/noarg.out_html diff --git a/regress/usr.bin/mandoc/eqn/fromto/Makefile b/regress/usr.bin/mandoc/eqn/fromto/Makefile index a48306f24dc..a2012e8f932 100644 --- a/regress/usr.bin/mandoc/eqn/fromto/Makefile +++ b/regress/usr.bin/mandoc/eqn/fromto/Makefile @@ -1,6 +1,6 @@ -# $OpenBSD: Makefile,v 1.1.1.1 2015/01/01 12:53:46 schwarze Exp $ +# $OpenBSD: Makefile,v 1.2 2015/01/01 15:34:43 schwarze Exp $ -REGRESS_TARGETS = basic -HTML_TARGETS = basic +REGRESS_TARGETS = basic noarg +HTML_TARGETS = basic noarg .include diff --git a/regress/usr.bin/mandoc/eqn/fromto/noarg.in b/regress/usr.bin/mandoc/eqn/fromto/noarg.in new file mode 100644 index 00000000000..e37d2e93d0b --- /dev/null +++ b/regress/usr.bin/mandoc/eqn/fromto/noarg.in @@ -0,0 +1,12 @@ +.Dd January 1, 2015 +.Dt FROMTO-NOARG 1 +.Os OpenBSD +.Sh NAME +.Nm fromto-noarg +.Nd vertical stacking lacks final argument +.Sh DESCRIPTION +initial text +.EQ +x from a to to +.EN +final text diff --git a/regress/usr.bin/mandoc/eqn/fromto/noarg.out_ascii b/regress/usr.bin/mandoc/eqn/fromto/noarg.out_ascii new file mode 100644 index 00000000000..06d2ae8167b --- /dev/null +++ b/regress/usr.bin/mandoc/eqn/fromto/noarg.out_ascii @@ -0,0 +1,9 @@ +FROMTO-NOARG(1) General Commands Manual FROMTO-NOARG(1) + +NNAAMMEE + ffrroommttoo--nnooaarrgg - vertical stacking lacks final argument + +DDEESSCCRRIIPPTTIIOONN + initial text x_a^^ final text + +OpenBSD January 1, 2015 OpenBSD diff --git a/regress/usr.bin/mandoc/eqn/fromto/noarg.out_html b/regress/usr.bin/mandoc/eqn/fromto/noarg.out_html new file mode 100644 index 00000000000..1caf3a3d661 --- /dev/null +++ b/regress/usr.bin/mandoc/eqn/fromto/noarg.out_html @@ -0,0 +1 @@ +xa diff --git a/regress/usr.bin/mandoc/eqn/over/Makefile b/regress/usr.bin/mandoc/eqn/over/Makefile index 1933faf64f0..8b864c25c70 100644 --- a/regress/usr.bin/mandoc/eqn/over/Makefile +++ b/regress/usr.bin/mandoc/eqn/over/Makefile @@ -1,6 +1,7 @@ -# $OpenBSD: Makefile,v 1.1.1.1 2015/01/01 12:53:46 schwarze Exp $ +# $OpenBSD: Makefile,v 1.2 2015/01/01 15:34:43 schwarze Exp $ -REGRESS_TARGETS = precedence -HTML_TARGETS = precedence +REGRESS_TARGETS = noarg precedence +HTML_TARGETS = noarg precedence +LINT_TARGETS = noarg .include diff --git a/regress/usr.bin/mandoc/eqn/over/noarg.in b/regress/usr.bin/mandoc/eqn/over/noarg.in new file mode 100644 index 00000000000..ac93fccac98 --- /dev/null +++ b/regress/usr.bin/mandoc/eqn/over/noarg.in @@ -0,0 +1,12 @@ +.Dd January 1, 2015 +.Dt OVER-NOARG 1 +.Os OpenBSD +.Sh NAME +.Nm over-noarg +.Nd fraction operator without arguments +.Sh DESCRIPTION +initial text +.EQ +over over +.EN +final text diff --git a/regress/usr.bin/mandoc/eqn/over/noarg.out_ascii b/regress/usr.bin/mandoc/eqn/over/noarg.out_ascii new file mode 100644 index 00000000000..4057f6bd9b5 --- /dev/null +++ b/regress/usr.bin/mandoc/eqn/over/noarg.out_ascii @@ -0,0 +1,9 @@ +OVER-NOARG(1) General Commands Manual OVER-NOARG(1) + +NNAAMMEE + oovveerr--nnooaarrgg - fraction operator without arguments + +DDEESSCCRRIIPPTTIIOONN + initial text // final text + +OpenBSD January 1, 2015 OpenBSD diff --git a/regress/usr.bin/mandoc/eqn/over/noarg.out_html b/regress/usr.bin/mandoc/eqn/over/noarg.out_html new file mode 100644 index 00000000000..565b988c129 --- /dev/null +++ b/regress/usr.bin/mandoc/eqn/over/noarg.out_html @@ -0,0 +1 @@ + diff --git a/regress/usr.bin/mandoc/eqn/over/noarg.out_lint b/regress/usr.bin/mandoc/eqn/over/noarg.out_lint new file mode 100644 index 00000000000..aabfc30b394 --- /dev/null +++ b/regress/usr.bin/mandoc/eqn/over/noarg.out_lint @@ -0,0 +1 @@ +mandoc: noarg.in:9:1: WARNING: missing eqn box, using "": over diff --git a/regress/usr.bin/mandoc/eqn/subsup/Makefile b/regress/usr.bin/mandoc/eqn/subsup/Makefile index 22299589af7..4e11b33d5c5 100644 --- a/regress/usr.bin/mandoc/eqn/subsup/Makefile +++ b/regress/usr.bin/mandoc/eqn/subsup/Makefile @@ -1,6 +1,6 @@ -# $OpenBSD: Makefile,v 1.1.1.1 2015/01/01 12:53:46 schwarze Exp $ +# $OpenBSD: Makefile,v 1.2 2015/01/01 15:34:43 schwarze Exp $ -REGRESS_TARGETS = combine sub_group -HTML_TARGETS = combine sub_group +REGRESS_TARGETS = combine noarg sub_group +HTML_TARGETS = combine noarg sub_group .include diff --git a/regress/usr.bin/mandoc/eqn/subsup/noarg.in b/regress/usr.bin/mandoc/eqn/subsup/noarg.in new file mode 100644 index 00000000000..adc32d8f5e3 --- /dev/null +++ b/regress/usr.bin/mandoc/eqn/subsup/noarg.in @@ -0,0 +1,12 @@ +.Dd January 1, 2015 +.Dt SUBSUP-NOARG 1 +.Os OpenBSD +.Sh NAME +.Nm subsup-noarg +.Nd empty subscripts and superscripts +.Sh DESCRIPTION +initial text +.EQ +x sub 1 sup sup +.EN +final text diff --git a/regress/usr.bin/mandoc/eqn/subsup/noarg.out_ascii b/regress/usr.bin/mandoc/eqn/subsup/noarg.out_ascii new file mode 100644 index 00000000000..ad99680b060 --- /dev/null +++ b/regress/usr.bin/mandoc/eqn/subsup/noarg.out_ascii @@ -0,0 +1,9 @@ +SUBSUP-NOARG(1) General Commands Manual SUBSUP-NOARG(1) + +NNAAMMEE + ssuubbssuupp--nnooaarrgg - empty subscripts and superscripts + +DDEESSCCRRIIPPTTIIOONN + initial text x_1^^ final text + +OpenBSD January 1, 2015 OpenBSD diff --git a/regress/usr.bin/mandoc/eqn/subsup/noarg.out_html b/regress/usr.bin/mandoc/eqn/subsup/noarg.out_html new file mode 100644 index 00000000000..0741689120d --- /dev/null +++ b/regress/usr.bin/mandoc/eqn/subsup/noarg.out_html @@ -0,0 +1 @@ +x1 diff --git a/usr.bin/mandoc/eqn_term.c b/usr.bin/mandoc/eqn_term.c index 39324a7da74..e9a579ca351 100644 --- a/usr.bin/mandoc/eqn_term.c +++ b/usr.bin/mandoc/eqn_term.c @@ -1,7 +1,7 @@ -/* $OpenBSD: eqn_term.c,v 1.3 2014/10/12 14:48:25 schwarze Exp $ */ +/* $OpenBSD: eqn_term.c,v 1.4 2015/01/01 15:34:43 schwarze Exp $ */ /* * Copyright (c) 2011 Kristaps Dzonsons - * Copyright (c) 2014 Ingo Schwarze + * Copyright (c) 2014, 2015 Ingo Schwarze * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -77,14 +77,17 @@ eqn_box(struct termp *p, const struct eqn_box *bp) bp->pos == EQNPOS_TO) ? "^" : "_"); p->flags |= TERMP_NOSPACE; child = child->next; - eqn_box(p, child); - if (bp->pos == EQNPOS_FROMTO || - bp->pos == EQNPOS_SUBSUP) { - p->flags |= TERMP_NOSPACE; - term_word(p, "^"); - p->flags |= TERMP_NOSPACE; - child = child->next; + if (child != NULL) { eqn_box(p, child); + if (bp->pos == EQNPOS_FROMTO || + bp->pos == EQNPOS_SUBSUP) { + p->flags |= TERMP_NOSPACE; + term_word(p, "^"); + p->flags |= TERMP_NOSPACE; + child = child->next; + if (child != NULL) + eqn_box(p, child); + } } } else { child = bp->first; -- 2.20.1