1 1.8 rillig # $NetBSD: parse.mk,v 1.8 2025/06/28 22:39:29 rillig Exp $ 2 1.1 rillig # 3 1.1 rillig # Test those parts of the parsing that do not belong in any of the other 4 1.1 rillig # categories. 5 1.1 rillig 6 1.8 rillig # expect+1: Invalid line "<<<<<< old" 7 1.1 rillig <<<<<< old 8 1.2 rillig 9 1.2 rillig # No diagnostic since the following line is parsed as a variable assignment, 10 1.2 rillig # even though the variable name is empty. See also varname-empty.mk. 11 1.2 rillig ====== middle 12 1.2 rillig 13 1.8 rillig # expect+1: Invalid line ">>>>>> new" 14 1.2 rillig >>>>>> new 15 1.3 rillig 16 1.3 rillig 17 1.3 rillig # Since parse.c 1.578 from 2021-12-14 and before parse.c 1.681 from 18 1.3 rillig # 2022-07-24, if a line of a makefile could only be a dependency specification 19 1.3 rillig # but didn't contain any of the dependency operators ':', '!', '::' and its 20 1.3 rillig # expansion ended with a space, make read a single byte from the memory beyond 21 1.3 rillig # the expanded line's terminating '\0'. 22 1.3 rillig # 23 1.3 rillig # https://bugs.freebsd.org/265119 24 1.8 rillig # expect+1: Invalid line "one-target ${:U }", expanded to "one-target " 25 1.3 rillig one-target ${:U } 26 1.4 rillig 27 1.4 rillig 28 1.4 rillig # Since parse.c 1.656 from 2022-01-27 and before parse.c 1.662 from 29 1.4 rillig # 2022-02-05, there was an out-of-bounds read in Parse_IsVar when looking for 30 1.4 rillig # a variable assignment in a dependency line with trailing whitespace. Lines 31 1.4 rillig # without trailing whitespace were not affected. Global variable assignments 32 1.4 rillig # were guaranteed to have no trailing whitespace and were thus not affected. 33 1.4 rillig # 34 1.4 rillig # Try to reproduce some variants that may lead to a crash, depending on the 35 1.4 rillig # memory allocator. To get a crash, the terminating '\0' of the line must be 36 1.4 rillig # the last byte of a memory page. The expression '${:U}' forces this trailing 37 1.4 rillig # whitespace. 38 1.4 rillig 39 1.4 rillig # On FreeBSD x86_64, a crash could in some cases be forced using the following 40 1.4 rillig # line, which has length 47, and if the memory for the expanded line starts at 41 1.4 rillig # 0xXXXX_XXd0, the terminating '\0' may end up at 0xXXXX_Xfff: 42 1.4 rillig Try_to_crash_FreeBSD.xxxxxxxxxxxxxxxxxx: 12345 ${:U} 43 1.4 rillig 44 1.4 rillig # The following line has length 4095 after being expanded, so line[4095] == 45 1.4 rillig # '\0'. If the line is 46 1.4 rillig # allocated on a page boundary and the following page is not mapped, this line 47 1.4 rillig # leads to a segmentation fault. 48 1.4 rillig ${:U:range=511:@_@1234567@:ts.}: 12345 ${:U} 49 1.4 rillig 50 1.4 rillig # The following line has length 8191, so line[8191] == '\0'. If the line is 51 1.4 rillig # allocated on a page boundary and the following page is not mapped, this line 52 1.4 rillig # leads to a segmentation fault. 53 1.4 rillig ${:U:range=1023:@_@1234567@:ts.}: 12345 ${:U} 54 1.4 rillig 55 1.4 rillig 12345: 56
Indexes created Sat Sep 20 22:09:52 GMT 2025