parse.mk revision 1.4
1 1.4 rillig # $NetBSD: parse.mk,v 1.4 2023/04/28 13:09:48 rillig Exp $ 2 1.1 rillig # 3 1.1 rillig # Test those parts of the parsing that do not belong in any of the other 4 1.1 rillig # categories. 5 1.1 rillig 6 1.1 rillig # expect+1: Makefile appears to contain unresolved CVS/RCS/??? merge conflicts 7 1.1 rillig <<<<<< old 8 1.2 rillig 9 1.2 rillig # No diagnostic since the following line is parsed as a variable assignment, 10 1.2 rillig # even though the variable name is empty. See also varname-empty.mk. 11 1.2 rillig ====== middle 12 1.2 rillig 13 1.2 rillig # expect+1: Makefile appears to contain unresolved CVS/RCS/??? merge conflicts 14 1.2 rillig >>>>>> new 15 1.3 rillig 16 1.3 rillig 17 1.3 rillig # Since parse.c 1.578 from 2021-12-14 and before parse.c 1.681 from 18 1.3 rillig # 2022-07-24, if a line of a makefile could only be a dependency specification 19 1.3 rillig # but didn't contain any of the dependency operators ':', '!', '::' and its 20 1.3 rillig # expansion ended with a space, make read a single byte from the memory beyond 21 1.3 rillig # the expanded line's terminating '\0'. 22 1.3 rillig # 23 1.3 rillig # https://bugs.freebsd.org/265119 24 1.3 rillig one-target ${:U } 25 1.4 rillig 26 1.4 rillig 27 1.4 rillig # Since parse.c 1.656 from 2022-01-27 and before parse.c 1.662 from 28 1.4 rillig # 2022-02-05, there was an out-of-bounds read in Parse_IsVar when looking for 29 1.4 rillig # a variable assignment in a dependency line with trailing whitespace. Lines 30 1.4 rillig # without trailing whitespace were not affected. Global variable assignments 31 1.4 rillig # were guaranteed to have no trailing whitespace and were thus not affected. 32 1.4 rillig # 33 1.4 rillig # Try to reproduce some variants that may lead to a crash, depending on the 34 1.4 rillig # memory allocator. To get a crash, the terminating '\0' of the line must be 35 1.4 rillig # the last byte of a memory page. The expression '${:U}' forces this trailing 36 1.4 rillig # whitespace. 37 1.4 rillig 38 1.4 rillig # On FreeBSD x86_64, a crash could in some cases be forced using the following 39 1.4 rillig # line, which has length 47, and if the memory for the expanded line starts at 40 1.4 rillig # 0xXXXX_XXd0, the terminating '\0' may end up at 0xXXXX_Xfff: 41 1.4 rillig Try_to_crash_FreeBSD.xxxxxxxxxxxxxxxxxx: 12345 ${:U} 42 1.4 rillig 43 1.4 rillig # The following line has length 4095 after being expanded, so line[4095] == 44 1.4 rillig # '\0'. If the line is 45 1.4 rillig # allocated on a page boundary and the following page is not mapped, this line 46 1.4 rillig # leads to a segmentation fault. 47 1.4 rillig ${:U:range=511:@_@1234567@:ts.}: 12345 ${:U} 48 1.4 rillig 49 1.4 rillig # The following line has length 8191, so line[8191] == '\0'. If the line is 50 1.4 rillig # allocated on a page boundary and the following page is not mapped, this line 51 1.4 rillig # leads to a segmentation fault. 52 1.4 rillig ${:U:range=1023:@_@1234567@:ts.}: 12345 ${:U} 53 1.4 rillig 54 1.4 rillig 12345: 55
Indexes created Fri Sep 26 20:09:58 GMT 2025