From 4d617ba1117a312b86dd83f842680c2d33b5b520 Mon Sep 17 00:00:00 2001
From: millert
Date: Thu, 21 Sep 2023 17:19:06 +0000
Subject: [PATCH] Fix a potential out-of-bounds read caused by the big-endian fix. We must store a UTF-32 empty string, not UTF-8 empty string, for an empty CCL. Found running the awk test suite with address sanitizer.
---
 usr.bin/awk/b.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/usr.bin/awk/b.c b/usr.bin/awk/b.c
index 64284ab8e7c..5cf54abb8b7 100644
--- a/usr.bin/awk/b.c
+++ b/usr.bin/awk/b.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: b.c,v 1.41 2023/09/19 01:14:05 millert Exp $ */
+/* $OpenBSD: b.c,v 1.42 2023/09/21 17:19:06 millert Exp $ */
 /****************************************************************
 Copyright (C) Lucent Technologies 1997
 All Rights Reserved
@@ -951,7 +951,7 @@ Node *primary(void)
 rtok = relex();
 if (rtok == ')') { /* special pleading for () */
 rtok = relex();
- return unary(op2(CCL, NIL, (Node *) tostring("")));
+ return unary(op2(CCL, NIL, (Node *) cclenter("")));
 }
 np = regexp();
 if (rtok == ')') {
@@ -974,7 +974,7 @@ Node *concat(Node *np)
 return (concat(op2(CAT, np, primary())));
 case EMPTYRE:
 rtok = relex();
- return (concat(op2(CAT, op2(CCL, NIL, (Node *) tostring("")),
+ return (concat(op2(CAT, op2(CCL, NIL, (Node *) cclenter("")),
 primary())));
 }
 return (np);
--
2.20.1
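Review bot: The two places that build an empty character class, in primary() for `()` and in concat() for `EMPTYRE`, have no comment recording that a CCL node's right operand must be the UTF-32 string cclenter() returns. That is the invariant the earlier `tostring("")` violated. I would add `/* CCL operand is read as UTF-32: build it with cclenter(), never tostring() */` above each, or move the shared `op2(CCL, NIL, (Node *) cclenter(""))` into one small static helper so the two copies cannot drift apart. Judging by the commit message, the code that reads the operand walks it in wider-than-char units and so over-reads a one-byte `""`; this is inferred, because those readers and both function bodies lie outside the hunks. The patch adds no regression case, so a `()` and an empty-regex test run under address sanitizer would help catch a repeat.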