diff options
Diffstat (limited to 'meta/recipes-core')
23 files changed, 5048 insertions, 8 deletions
diff --git a/meta/recipes-core/busybox/busybox-inittab_1.33.0.bb b/meta/recipes-core/busybox/busybox-inittab_1.33.2.bb index 3804f4f7b2..3804f4f7b2 100644 --- a/meta/recipes-core/busybox/busybox-inittab_1.33.0.bb +++ b/meta/recipes-core/busybox/busybox-inittab_1.33.2.bb | |||
diff --git a/meta/recipes-core/busybox/busybox/0001-awk-fix-CVEs.patch b/meta/recipes-core/busybox/busybox/0001-awk-fix-CVEs.patch new file mode 100644 index 0000000000..c07b53ebfd --- /dev/null +++ b/meta/recipes-core/busybox/busybox/0001-awk-fix-CVEs.patch | |||
@@ -0,0 +1,3266 @@ | |||
1 | From cf542caeed195af05fa6205341f829ccee53f8c2 Mon Sep 17 00:00:00 2001 | ||
2 | From: Chen Qi <Qi.Chen@windriver.com> | ||
3 | Date: Tue, 4 Jan 2022 17:48:03 -0800 | ||
4 | Subject: [PATCH] awk: fix CVEs | ||
5 | |||
6 | The awk CVEs is hard to be separated, thus we use the following method | ||
7 | to format the current patch. | ||
8 | git rev-list --reverse 1_33_2..1_34_1 -- editors/awk.c | xargs git cherry-pick | ||
9 | git reset HEAD~66 && git add . && git commit | ||
10 | |||
11 | CVE: CVE-2021-42378 | ||
12 | CVE: CVE-2021-42379 | ||
13 | CVE: CVE-2021-42380 | ||
14 | CVE: CVE-2021-42381 | ||
15 | CVE: CVE-2021-42382 | ||
16 | CVE: CVE-2021-42383 | ||
17 | CVE: CVE-2021-42384 | ||
18 | CVE: CVE-2021-42385 | ||
19 | CVE: CVE-2021-42386 | ||
20 | |||
21 | Upstream-Status: Backport | ||
22 | |||
23 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | ||
24 | --- | ||
25 | editors/awk.c | 2060 +++++++++++++++++++++++----------------- | ||
26 | testsuite/awk.tests | 62 +- | ||
27 | testsuite/printf.tests | 5 + | ||
28 | 3 files changed, 1264 insertions(+), 863 deletions(-) | ||
29 | |||
30 | diff --git a/editors/awk.c b/editors/awk.c | ||
31 | index 2c15f9e4e..f6314ac72 100644 | ||
32 | --- a/editors/awk.c | ||
33 | +++ b/editors/awk.c | ||
34 | @@ -66,6 +66,8 @@ | ||
35 | #endif | ||
36 | #ifndef debug_printf_parse | ||
37 | # define debug_printf_parse(...) (fprintf(stderr, __VA_ARGS__)) | ||
38 | +#else | ||
39 | +# define debug_parse_print_tc(...) ((void)0) | ||
40 | #endif | ||
41 | |||
42 | |||
43 | @@ -91,7 +93,6 @@ enum { | ||
44 | }; | ||
45 | |||
46 | #define MAXVARFMT 240 | ||
47 | -#define MINNVBLOCK 64 | ||
48 | |||
49 | /* variable flags */ | ||
50 | #define VF_NUMBER 0x0001 /* 1 = primary type is number */ | ||
51 | @@ -101,7 +102,7 @@ enum { | ||
52 | #define VF_USER 0x0200 /* 1 = user input (may be numeric string) */ | ||
53 | #define VF_SPECIAL 0x0400 /* 1 = requires extra handling when changed */ | ||
54 | #define VF_WALK 0x0800 /* 1 = variable has alloc'd x.walker list */ | ||
55 | -#define VF_FSTR 0x1000 /* 1 = var::string points to fstring buffer */ | ||
56 | +#define VF_FSTR 0x1000 /* 1 = don't free() var::string (not malloced, or is owned by something else) */ | ||
57 | #define VF_CHILD 0x2000 /* 1 = function arg; x.parent points to source */ | ||
58 | #define VF_DIRTY 0x4000 /* 1 = variable was set explicitly */ | ||
59 | |||
60 | @@ -118,8 +119,8 @@ typedef struct walker_list { | ||
61 | /* Variable */ | ||
62 | typedef struct var_s { | ||
63 | unsigned type; /* flags */ | ||
64 | - double number; | ||
65 | char *string; | ||
66 | + double number; | ||
67 | union { | ||
68 | int aidx; /* func arg idx (for compilation stage) */ | ||
69 | struct xhash_s *array; /* array ptr */ | ||
70 | @@ -138,6 +139,7 @@ typedef struct chain_s { | ||
71 | /* Function */ | ||
72 | typedef struct func_s { | ||
73 | unsigned nargs; | ||
74 | + smallint defined; | ||
75 | struct chain_s body; | ||
76 | } func; | ||
77 | |||
78 | @@ -177,7 +179,7 @@ typedef struct node_s { | ||
79 | struct node_s *n; | ||
80 | var *v; | ||
81 | int aidx; | ||
82 | - char *new_progname; | ||
83 | + const char *new_progname; | ||
84 | regex_t *re; | ||
85 | } l; | ||
86 | union { | ||
87 | @@ -190,91 +192,120 @@ typedef struct node_s { | ||
88 | } a; | ||
89 | } node; | ||
90 | |||
91 | -/* Block of temporary variables */ | ||
92 | -typedef struct nvblock_s { | ||
93 | - int size; | ||
94 | - var *pos; | ||
95 | - struct nvblock_s *prev; | ||
96 | - struct nvblock_s *next; | ||
97 | - var nv[]; | ||
98 | -} nvblock; | ||
99 | - | ||
100 | typedef struct tsplitter_s { | ||
101 | node n; | ||
102 | regex_t re[2]; | ||
103 | } tsplitter; | ||
104 | |||
105 | /* simple token classes */ | ||
106 | -/* Order and hex values are very important!!! See next_token() */ | ||
107 | -#define TC_SEQSTART (1 << 0) /* ( */ | ||
108 | -#define TC_SEQTERM (1 << 1) /* ) */ | ||
109 | -#define TC_REGEXP (1 << 2) /* /.../ */ | ||
110 | -#define TC_OUTRDR (1 << 3) /* | > >> */ | ||
111 | -#define TC_UOPPOST (1 << 4) /* unary postfix operator */ | ||
112 | -#define TC_UOPPRE1 (1 << 5) /* unary prefix operator */ | ||
113 | -#define TC_BINOPX (1 << 6) /* two-opnd operator */ | ||
114 | -#define TC_IN (1 << 7) | ||
115 | -#define TC_COMMA (1 << 8) | ||
116 | -#define TC_PIPE (1 << 9) /* input redirection pipe */ | ||
117 | -#define TC_UOPPRE2 (1 << 10) /* unary prefix operator */ | ||
118 | -#define TC_ARRTERM (1 << 11) /* ] */ | ||
119 | -#define TC_GRPSTART (1 << 12) /* { */ | ||
120 | -#define TC_GRPTERM (1 << 13) /* } */ | ||
121 | -#define TC_SEMICOL (1 << 14) | ||
122 | -#define TC_NEWLINE (1 << 15) | ||
123 | -#define TC_STATX (1 << 16) /* ctl statement (for, next...) */ | ||
124 | -#define TC_WHILE (1 << 17) | ||
125 | -#define TC_ELSE (1 << 18) | ||
126 | -#define TC_BUILTIN (1 << 19) | ||
127 | +/* order and hex values are very important!!! See next_token() */ | ||
128 | +#define TC_LPAREN (1 << 0) /* ( */ | ||
129 | +#define TC_RPAREN (1 << 1) /* ) */ | ||
130 | +#define TC_REGEXP (1 << 2) /* /.../ */ | ||
131 | +#define TC_OUTRDR (1 << 3) /* | > >> */ | ||
132 | +#define TC_UOPPOST (1 << 4) /* unary postfix operator ++ -- */ | ||
133 | +#define TC_UOPPRE1 (1 << 5) /* unary prefix operator ++ -- $ */ | ||
134 | +#define TC_BINOPX (1 << 6) /* two-opnd operator */ | ||
135 | +#define TC_IN (1 << 7) /* 'in' */ | ||
136 | +#define TC_COMMA (1 << 8) /* , */ | ||
137 | +#define TC_PIPE (1 << 9) /* input redirection pipe | */ | ||
138 | +#define TC_UOPPRE2 (1 << 10) /* unary prefix operator + - ! */ | ||
139 | +#define TC_ARRTERM (1 << 11) /* ] */ | ||
140 | +#define TC_LBRACE (1 << 12) /* { */ | ||
141 | +#define TC_RBRACE (1 << 13) /* } */ | ||
142 | +#define TC_SEMICOL (1 << 14) /* ; */ | ||
143 | +#define TC_NEWLINE (1 << 15) | ||
144 | +#define TC_STATX (1 << 16) /* ctl statement (for, next...) */ | ||
145 | +#define TC_WHILE (1 << 17) /* 'while' */ | ||
146 | +#define TC_ELSE (1 << 18) /* 'else' */ | ||
147 | +#define TC_BUILTIN (1 << 19) | ||
148 | /* This costs ~50 bytes of code. | ||
149 | * A separate class to support deprecated "length" form. If we don't need that | ||
150 | * (i.e. if we demand that only "length()" with () is valid), then TC_LENGTH | ||
151 | * can be merged with TC_BUILTIN: | ||
152 | */ | ||
153 | -#define TC_LENGTH (1 << 20) | ||
154 | -#define TC_GETLINE (1 << 21) | ||
155 | -#define TC_FUNCDECL (1 << 22) /* 'function' 'func' */ | ||
156 | -#define TC_BEGIN (1 << 23) | ||
157 | -#define TC_END (1 << 24) | ||
158 | -#define TC_EOF (1 << 25) | ||
159 | -#define TC_VARIABLE (1 << 26) | ||
160 | -#define TC_ARRAY (1 << 27) | ||
161 | -#define TC_FUNCTION (1 << 28) | ||
162 | -#define TC_STRING (1 << 29) | ||
163 | -#define TC_NUMBER (1 << 30) | ||
164 | - | ||
165 | -#define TC_UOPPRE (TC_UOPPRE1 | TC_UOPPRE2) | ||
166 | - | ||
167 | -/* combined token classes */ | ||
168 | -#define TC_BINOP (TC_BINOPX | TC_COMMA | TC_PIPE | TC_IN) | ||
169 | -//#define TC_UNARYOP (TC_UOPPRE | TC_UOPPOST) | ||
170 | -#define TC_OPERAND (TC_VARIABLE | TC_ARRAY | TC_FUNCTION \ | ||
171 | - | TC_BUILTIN | TC_LENGTH | TC_GETLINE \ | ||
172 | - | TC_SEQSTART | TC_STRING | TC_NUMBER) | ||
173 | - | ||
174 | -#define TC_STATEMNT (TC_STATX | TC_WHILE) | ||
175 | -#define TC_OPTERM (TC_SEMICOL | TC_NEWLINE) | ||
176 | +#define TC_LENGTH (1 << 20) /* 'length' */ | ||
177 | +#define TC_GETLINE (1 << 21) /* 'getline' */ | ||
178 | +#define TC_FUNCDECL (1 << 22) /* 'function' 'func' */ | ||
179 | +#define TC_BEGIN (1 << 23) /* 'BEGIN' */ | ||
180 | +#define TC_END (1 << 24) /* 'END' */ | ||
181 | +#define TC_EOF (1 << 25) | ||
182 | +#define TC_VARIABLE (1 << 26) /* name */ | ||
183 | +#define TC_ARRAY (1 << 27) /* name[ */ | ||
184 | +#define TC_FUNCTION (1 << 28) /* name( */ | ||
185 | +#define TC_STRING (1 << 29) /* "..." */ | ||
186 | +#define TC_NUMBER (1 << 30) | ||
187 | + | ||
188 | +#ifndef debug_parse_print_tc | ||
189 | +static void debug_parse_print_tc(uint32_t n) | ||
190 | +{ | ||
191 | + if (n & TC_LPAREN ) debug_printf_parse(" LPAREN" ); | ||
192 | + if (n & TC_RPAREN ) debug_printf_parse(" RPAREN" ); | ||
193 | + if (n & TC_REGEXP ) debug_printf_parse(" REGEXP" ); | ||
194 | + if (n & TC_OUTRDR ) debug_printf_parse(" OUTRDR" ); | ||
195 | + if (n & TC_UOPPOST ) debug_printf_parse(" UOPPOST" ); | ||
196 | + if (n & TC_UOPPRE1 ) debug_printf_parse(" UOPPRE1" ); | ||
197 | + if (n & TC_BINOPX ) debug_printf_parse(" BINOPX" ); | ||
198 | + if (n & TC_IN ) debug_printf_parse(" IN" ); | ||
199 | + if (n & TC_COMMA ) debug_printf_parse(" COMMA" ); | ||
200 | + if (n & TC_PIPE ) debug_printf_parse(" PIPE" ); | ||
201 | + if (n & TC_UOPPRE2 ) debug_printf_parse(" UOPPRE2" ); | ||
202 | + if (n & TC_ARRTERM ) debug_printf_parse(" ARRTERM" ); | ||
203 | + if (n & TC_LBRACE ) debug_printf_parse(" LBRACE" ); | ||
204 | + if (n & TC_RBRACE ) debug_printf_parse(" RBRACE" ); | ||
205 | + if (n & TC_SEMICOL ) debug_printf_parse(" SEMICOL" ); | ||
206 | + if (n & TC_NEWLINE ) debug_printf_parse(" NEWLINE" ); | ||
207 | + if (n & TC_STATX ) debug_printf_parse(" STATX" ); | ||
208 | + if (n & TC_WHILE ) debug_printf_parse(" WHILE" ); | ||
209 | + if (n & TC_ELSE ) debug_printf_parse(" ELSE" ); | ||
210 | + if (n & TC_BUILTIN ) debug_printf_parse(" BUILTIN" ); | ||
211 | + if (n & TC_LENGTH ) debug_printf_parse(" LENGTH" ); | ||
212 | + if (n & TC_GETLINE ) debug_printf_parse(" GETLINE" ); | ||
213 | + if (n & TC_FUNCDECL) debug_printf_parse(" FUNCDECL"); | ||
214 | + if (n & TC_BEGIN ) debug_printf_parse(" BEGIN" ); | ||
215 | + if (n & TC_END ) debug_printf_parse(" END" ); | ||
216 | + if (n & TC_EOF ) debug_printf_parse(" EOF" ); | ||
217 | + if (n & TC_VARIABLE) debug_printf_parse(" VARIABLE"); | ||
218 | + if (n & TC_ARRAY ) debug_printf_parse(" ARRAY" ); | ||
219 | + if (n & TC_FUNCTION) debug_printf_parse(" FUNCTION"); | ||
220 | + if (n & TC_STRING ) debug_printf_parse(" STRING" ); | ||
221 | + if (n & TC_NUMBER ) debug_printf_parse(" NUMBER" ); | ||
222 | +} | ||
223 | +#endif | ||
224 | + | ||
225 | +/* combined token classes ("token [class] sets") */ | ||
226 | +#define TS_UOPPRE (TC_UOPPRE1 | TC_UOPPRE2) | ||
227 | + | ||
228 | +#define TS_BINOP (TC_BINOPX | TC_COMMA | TC_PIPE | TC_IN) | ||
229 | +//#define TS_UNARYOP (TS_UOPPRE | TC_UOPPOST) | ||
230 | +#define TS_OPERAND (TC_VARIABLE | TC_ARRAY | TC_FUNCTION \ | ||
231 | + | TC_BUILTIN | TC_LENGTH | TC_GETLINE \ | ||
232 | + | TC_LPAREN | TC_STRING | TC_NUMBER) | ||
233 | + | ||
234 | +#define TS_LVALUE (TC_VARIABLE | TC_ARRAY) | ||
235 | +#define TS_STATEMNT (TC_STATX | TC_WHILE) | ||
236 | |||
237 | /* word tokens, cannot mean something else if not expected */ | ||
238 | -#define TC_WORD (TC_IN | TC_STATEMNT | TC_ELSE \ | ||
239 | - | TC_BUILTIN | TC_LENGTH | TC_GETLINE \ | ||
240 | - | TC_FUNCDECL | TC_BEGIN | TC_END) | ||
241 | +#define TS_WORD (TC_IN | TS_STATEMNT | TC_ELSE \ | ||
242 | + | TC_BUILTIN | TC_LENGTH | TC_GETLINE \ | ||
243 | + | TC_FUNCDECL | TC_BEGIN | TC_END) | ||
244 | |||
245 | /* discard newlines after these */ | ||
246 | -#define TC_NOTERM (TC_COMMA | TC_GRPSTART | TC_GRPTERM \ | ||
247 | - | TC_BINOP | TC_OPTERM) | ||
248 | +#define TS_NOTERM (TS_BINOP | TC_COMMA | TC_LBRACE | TC_RBRACE \ | ||
249 | + | TC_SEMICOL | TC_NEWLINE) | ||
250 | |||
251 | /* what can expression begin with */ | ||
252 | -#define TC_OPSEQ (TC_OPERAND | TC_UOPPRE | TC_REGEXP) | ||
253 | +#define TS_OPSEQ (TS_OPERAND | TS_UOPPRE | TC_REGEXP) | ||
254 | /* what can group begin with */ | ||
255 | -#define TC_GRPSEQ (TC_OPSEQ | TC_OPTERM | TC_STATEMNT | TC_GRPSTART) | ||
256 | +#define TS_GRPSEQ (TS_OPSEQ | TS_STATEMNT \ | ||
257 | + | TC_SEMICOL | TC_NEWLINE | TC_LBRACE) | ||
258 | |||
259 | -/* if previous token class is CONCAT1 and next is CONCAT2, concatenation */ | ||
260 | +/* if previous token class is CONCAT_L and next is CONCAT_R, concatenation */ | ||
261 | /* operator is inserted between them */ | ||
262 | -#define TC_CONCAT1 (TC_VARIABLE | TC_ARRTERM | TC_SEQTERM \ | ||
263 | +#define TS_CONCAT_L (TC_VARIABLE | TC_ARRTERM | TC_RPAREN \ | ||
264 | | TC_STRING | TC_NUMBER | TC_UOPPOST \ | ||
265 | | TC_LENGTH) | ||
266 | -#define TC_CONCAT2 (TC_OPERAND | TC_UOPPRE) | ||
267 | +#define TS_CONCAT_R (TS_OPERAND | TS_UOPPRE) | ||
268 | |||
269 | #define OF_RES1 0x010000 | ||
270 | #define OF_RES2 0x020000 | ||
271 | @@ -284,13 +315,12 @@ typedef struct tsplitter_s { | ||
272 | #define OF_CHECKED 0x200000 | ||
273 | #define OF_REQUIRED 0x400000 | ||
274 | |||
275 | - | ||
276 | /* combined operator flags */ | ||
277 | #define xx 0 | ||
278 | #define xV OF_RES2 | ||
279 | #define xS (OF_RES2 | OF_STR2) | ||
280 | #define Vx OF_RES1 | ||
281 | -#define Rx (OF_RES1 | OF_NUM1 | OF_REQUIRED) | ||
282 | +#define Rx OF_REQUIRED | ||
283 | #define VV (OF_RES1 | OF_RES2) | ||
284 | #define Nx (OF_RES1 | OF_NUM1) | ||
285 | #define NV (OF_RES1 | OF_NUM1 | OF_RES2) | ||
286 | @@ -302,8 +332,7 @@ typedef struct tsplitter_s { | ||
287 | #define OPNMASK 0x007F | ||
288 | |||
289 | /* operator priority is a highest byte (even: r->l, odd: l->r grouping) | ||
290 | - * For builtins it has different meaning: n n s3 s2 s1 v3 v2 v1, | ||
291 | - * n - min. number of args, vN - resolve Nth arg to var, sN - resolve to string | ||
292 | + * (for builtins it has different meaning) | ||
293 | */ | ||
294 | #undef P | ||
295 | #undef PRIMASK | ||
296 | @@ -313,10 +342,8 @@ typedef struct tsplitter_s { | ||
297 | #define PRIMASK2 0x7E000000 | ||
298 | |||
299 | /* Operation classes */ | ||
300 | - | ||
301 | #define SHIFT_TIL_THIS 0x0600 | ||
302 | #define RECUR_FROM_THIS 0x1000 | ||
303 | - | ||
304 | enum { | ||
305 | OC_DELETE = 0x0100, OC_EXEC = 0x0200, OC_NEWSOURCE = 0x0300, | ||
306 | OC_PRINT = 0x0400, OC_PRINTF = 0x0500, OC_WALKINIT = 0x0600, | ||
307 | @@ -358,8 +385,8 @@ enum { | ||
308 | #define NTCC '\377' | ||
309 | |||
310 | static const char tokenlist[] ALIGN1 = | ||
311 | - "\1(" NTC /* TC_SEQSTART */ | ||
312 | - "\1)" NTC /* TC_SEQTERM */ | ||
313 | + "\1(" NTC /* TC_LPAREN */ | ||
314 | + "\1)" NTC /* TC_RPAREN */ | ||
315 | "\1/" NTC /* TC_REGEXP */ | ||
316 | "\2>>" "\1>" "\1|" NTC /* TC_OUTRDR */ | ||
317 | "\2++" "\2--" NTC /* TC_UOPPOST */ | ||
318 | @@ -376,8 +403,8 @@ static const char tokenlist[] ALIGN1 = | ||
319 | "\1|" NTC /* TC_PIPE */ | ||
320 | "\1+" "\1-" "\1!" NTC /* TC_UOPPRE2 */ | ||
321 | "\1]" NTC /* TC_ARRTERM */ | ||
322 | - "\1{" NTC /* TC_GRPSTART */ | ||
323 | - "\1}" NTC /* TC_GRPTERM */ | ||
324 | + "\1{" NTC /* TC_LBRACE */ | ||
325 | + "\1}" NTC /* TC_RBRACE */ | ||
326 | "\1;" NTC /* TC_SEMICOL */ | ||
327 | "\1\n" NTC /* TC_NEWLINE */ | ||
328 | "\2if" "\2do" "\3for" "\5break" /* TC_STATX */ | ||
329 | @@ -391,7 +418,7 @@ static const char tokenlist[] ALIGN1 = | ||
330 | "\5close" "\6system" "\6fflush" "\5atan2" | ||
331 | "\3cos" "\3exp" "\3int" "\3log" | ||
332 | "\4rand" "\3sin" "\4sqrt" "\5srand" | ||
333 | - "\6gensub" "\4gsub" "\5index" /* "\6length" was here */ | ||
334 | + "\6gensub" "\4gsub" "\5index" /* "\6length" was here */ | ||
335 | "\5match" "\5split" "\7sprintf" "\3sub" | ||
336 | "\6substr" "\7systime" "\10strftime" "\6mktime" | ||
337 | "\7tolower" "\7toupper" NTC | ||
338 | @@ -403,25 +430,32 @@ static const char tokenlist[] ALIGN1 = | ||
339 | /* compiler adds trailing "\0" */ | ||
340 | ; | ||
341 | |||
342 | -#define OC_B OC_BUILTIN | ||
343 | - | ||
344 | static const uint32_t tokeninfo[] ALIGN4 = { | ||
345 | 0, | ||
346 | 0, | ||
347 | - OC_REGEXP, | ||
348 | +#define TI_REGEXP OC_REGEXP | ||
349 | + TI_REGEXP, | ||
350 | xS|'a', xS|'w', xS|'|', | ||
351 | OC_UNARY|xV|P(9)|'p', OC_UNARY|xV|P(9)|'m', | ||
352 | - OC_UNARY|xV|P(9)|'P', OC_UNARY|xV|P(9)|'M', OC_FIELD|xV|P(5), | ||
353 | +#define TI_PREINC (OC_UNARY|xV|P(9)|'P') | ||
354 | +#define TI_PREDEC (OC_UNARY|xV|P(9)|'M') | ||
355 | + TI_PREINC, TI_PREDEC, OC_FIELD|xV|P(5), | ||
356 | OC_COMPARE|VV|P(39)|5, OC_MOVE|VV|P(74), OC_REPLACE|NV|P(74)|'+', OC_REPLACE|NV|P(74)|'-', | ||
357 | OC_REPLACE|NV|P(74)|'*', OC_REPLACE|NV|P(74)|'/', OC_REPLACE|NV|P(74)|'%', OC_REPLACE|NV|P(74)|'&', | ||
358 | OC_BINARY|NV|P(29)|'+', OC_BINARY|NV|P(29)|'-', OC_REPLACE|NV|P(74)|'&', OC_BINARY|NV|P(15)|'&', | ||
359 | OC_BINARY|NV|P(25)|'/', OC_BINARY|NV|P(25)|'%', OC_BINARY|NV|P(15)|'&', OC_BINARY|NV|P(25)|'*', | ||
360 | OC_COMPARE|VV|P(39)|4, OC_COMPARE|VV|P(39)|3, OC_COMPARE|VV|P(39)|0, OC_COMPARE|VV|P(39)|1, | ||
361 | - OC_COMPARE|VV|P(39)|2, OC_MATCH|Sx|P(45)|'!', OC_MATCH|Sx|P(45)|'~', OC_LAND|Vx|P(55), | ||
362 | - OC_LOR|Vx|P(59), OC_TERNARY|Vx|P(64)|'?', OC_COLON|xx|P(67)|':', | ||
363 | - OC_IN|SV|P(49), /* TC_IN */ | ||
364 | - OC_COMMA|SS|P(80), | ||
365 | - OC_PGETLINE|SV|P(37), | ||
366 | +#define TI_LESS (OC_COMPARE|VV|P(39)|2) | ||
367 | + TI_LESS, OC_MATCH|Sx|P(45)|'!', OC_MATCH|Sx|P(45)|'~', OC_LAND|Vx|P(55), | ||
368 | +#define TI_TERNARY (OC_TERNARY|Vx|P(64)|'?') | ||
369 | +#define TI_COLON (OC_COLON|xx|P(67)|':') | ||
370 | + OC_LOR|Vx|P(59), TI_TERNARY, TI_COLON, | ||
371 | +#define TI_IN (OC_IN|SV|P(49)) | ||
372 | + TI_IN, | ||
373 | +#define TI_COMMA (OC_COMMA|SS|P(80)) | ||
374 | + TI_COMMA, | ||
375 | +#define TI_PGETLINE (OC_PGETLINE|SV|P(37)) | ||
376 | + TI_PGETLINE, | ||
377 | OC_UNARY|xV|P(19)|'+', OC_UNARY|xV|P(19)|'-', OC_UNARY|xV|P(19)|'!', | ||
378 | 0, /* ] */ | ||
379 | 0, | ||
380 | @@ -434,20 +468,45 @@ static const uint32_t tokeninfo[] ALIGN4 = { | ||
381 | OC_RETURN|Vx, OC_EXIT|Nx, | ||
382 | ST_WHILE, | ||
383 | 0, /* else */ | ||
384 | - OC_B|B_an|P(0x83), OC_B|B_co|P(0x41), OC_B|B_ls|P(0x83), OC_B|B_or|P(0x83), | ||
385 | - OC_B|B_rs|P(0x83), OC_B|B_xo|P(0x83), | ||
386 | - OC_FBLTIN|Sx|F_cl, OC_FBLTIN|Sx|F_sy, OC_FBLTIN|Sx|F_ff, OC_B|B_a2|P(0x83), | ||
387 | - OC_FBLTIN|Nx|F_co, OC_FBLTIN|Nx|F_ex, OC_FBLTIN|Nx|F_in, OC_FBLTIN|Nx|F_lg, | ||
388 | - OC_FBLTIN|F_rn, OC_FBLTIN|Nx|F_si, OC_FBLTIN|Nx|F_sq, OC_FBLTIN|Nx|F_sr, | ||
389 | - OC_B|B_ge|P(0xd6), OC_B|B_gs|P(0xb6), OC_B|B_ix|P(0x9b), /* OC_FBLTIN|Sx|F_le, was here */ | ||
390 | - OC_B|B_ma|P(0x89), OC_B|B_sp|P(0x8b), OC_SPRINTF, OC_B|B_su|P(0xb6), | ||
391 | - OC_B|B_ss|P(0x8f), OC_FBLTIN|F_ti, OC_B|B_ti|P(0x0b), OC_B|B_mt|P(0x0b), | ||
392 | - OC_B|B_lo|P(0x49), OC_B|B_up|P(0x49), | ||
393 | - OC_FBLTIN|Sx|F_le, /* TC_LENGTH */ | ||
394 | - OC_GETLINE|SV|P(0), | ||
395 | - 0, 0, | ||
396 | - 0, | ||
397 | - 0 /* TC_END */ | ||
398 | +// OC_B's are builtins with enforced minimum number of arguments (two upper bits). | ||
399 | +// Highest byte bit pattern: nn s3s2s1 v3v2v1 | ||
400 | +// nn - min. number of args, sN - resolve Nth arg to string, vN - resolve to var | ||
401 | +// OC_F's are builtins with zero or one argument. | ||
402 | +// |Rx| enforces that arg is present for: system, close, cos, sin, exp, int, log, sqrt | ||
403 | +// Check for no args is present in builtins' code (not in this table): rand, systime | ||
404 | +// Have one _optional_ arg: fflush, srand, length | ||
405 | +#define OC_B OC_BUILTIN | ||
406 | +#define OC_F OC_FBLTIN | ||
407 | +#define A1 P(0x40) /*one arg*/ | ||
408 | +#define A2 P(0x80) /*two args*/ | ||
409 | +#define A3 P(0xc0) /*three args*/ | ||
410 | +#define __v P(1) | ||
411 | +#define _vv P(3) | ||
412 | +#define __s__v P(9) | ||
413 | +#define __s_vv P(0x0b) | ||
414 | +#define __svvv P(0x0f) | ||
415 | +#define _ss_vv P(0x1b) | ||
416 | +#define _s_vv_ P(0x16) | ||
417 | +#define ss_vv_ P(0x36) | ||
418 | + OC_B|B_an|_vv|A2, OC_B|B_co|__v|A1, OC_B|B_ls|_vv|A2, OC_B|B_or|_vv|A2, // and compl lshift or | ||
419 | + OC_B|B_rs|_vv|A2, OC_B|B_xo|_vv|A2, // rshift xor | ||
420 | + OC_F|F_cl|Sx|Rx, OC_F|F_sy|Sx|Rx, OC_F|F_ff|Sx, OC_B|B_a2|_vv|A2, // close system fflush atan2 | ||
421 | + OC_F|F_co|Nx|Rx, OC_F|F_ex|Nx|Rx, OC_F|F_in|Nx|Rx, OC_F|F_lg|Nx|Rx, // cos exp int log | ||
422 | + OC_F|F_rn, OC_F|F_si|Nx|Rx, OC_F|F_sq|Nx|Rx, OC_F|F_sr|Nx, // rand sin sqrt srand | ||
423 | + OC_B|B_ge|_s_vv_|A3,OC_B|B_gs|ss_vv_|A2,OC_B|B_ix|_ss_vv|A2, // gensub gsub index /*length was here*/ | ||
424 | + OC_B|B_ma|__s__v|A2,OC_B|B_sp|__s_vv|A2,OC_SPRINTF, OC_B|B_su|ss_vv_|A2,// match split sprintf sub | ||
425 | + OC_B|B_ss|__svvv|A2,OC_F|F_ti, OC_B|B_ti|__s_vv, OC_B|B_mt|__s_vv, // substr systime strftime mktime | ||
426 | + OC_B|B_lo|__s__v|A1,OC_B|B_up|__s__v|A1, // tolower toupper | ||
427 | + OC_F|F_le|Sx, // length | ||
428 | + OC_GETLINE|SV, // getline | ||
429 | + 0, 0, // func function | ||
430 | + 0, // BEGIN | ||
431 | + 0 // END | ||
432 | +#undef A1 | ||
433 | +#undef A2 | ||
434 | +#undef A3 | ||
435 | +#undef OC_B | ||
436 | +#undef OC_F | ||
437 | }; | ||
438 | |||
439 | /* internal variable names and their initial values */ | ||
440 | @@ -488,21 +547,29 @@ struct globals { | ||
441 | chain *seq; | ||
442 | node *break_ptr, *continue_ptr; | ||
443 | rstream *iF; | ||
444 | - xhash *vhash, *ahash, *fdhash, *fnhash; | ||
445 | + xhash *ahash; /* argument names, used only while parsing function bodies */ | ||
446 | + xhash *fnhash; /* function names, used only in parsing stage */ | ||
447 | + xhash *vhash; /* variables and arrays */ | ||
448 | + //xhash *fdhash; /* file objects, used only in execution stage */ | ||
449 | + //we are reusing ahash as fdhash, via define (see later) | ||
450 | const char *g_progname; | ||
451 | int g_lineno; | ||
452 | int nfields; | ||
453 | int maxfields; /* used in fsrealloc() only */ | ||
454 | var *Fields; | ||
455 | - nvblock *g_cb; | ||
456 | char *g_pos; | ||
457 | - char *g_buf; | ||
458 | + char g_saved_ch; | ||
459 | smallint icase; | ||
460 | smallint exiting; | ||
461 | smallint nextrec; | ||
462 | smallint nextfile; | ||
463 | smallint is_f0_split; | ||
464 | smallint t_rollback; | ||
465 | + | ||
466 | + /* former statics from various functions */ | ||
467 | + smallint next_token__concat_inserted; | ||
468 | + uint32_t next_token__save_tclass; | ||
469 | + uint32_t next_token__save_info; | ||
470 | }; | ||
471 | struct globals2 { | ||
472 | uint32_t t_info; /* often used */ | ||
473 | @@ -515,32 +582,35 @@ struct globals2 { | ||
474 | /* former statics from various functions */ | ||
475 | char *split_f0__fstrings; | ||
476 | |||
477 | - uint32_t next_token__save_tclass; | ||
478 | - uint32_t next_token__save_info; | ||
479 | - uint32_t next_token__ltclass; | ||
480 | - smallint next_token__concat_inserted; | ||
481 | - | ||
482 | - smallint next_input_file__files_happen; | ||
483 | rstream next_input_file__rsm; | ||
484 | + smallint next_input_file__files_happen; | ||
485 | + | ||
486 | + smalluint exitcode; | ||
487 | |||
488 | - var *evaluate__fnargs; | ||
489 | unsigned evaluate__seed; | ||
490 | + var *evaluate__fnargs; | ||
491 | regex_t evaluate__sreg; | ||
492 | |||
493 | - var ptest__v; | ||
494 | + var ptest__tmpvar; | ||
495 | + var awk_printf__tmpvar; | ||
496 | + var as_regex__tmpvar; | ||
497 | + var exit__tmpvar; | ||
498 | + var main__tmpvar; | ||
499 | |||
500 | tsplitter exec_builtin__tspl; | ||
501 | |||
502 | /* biggest and least used members go last */ | ||
503 | tsplitter fsplitter, rsplitter; | ||
504 | + | ||
505 | + char g_buf[MAXVARFMT + 1]; | ||
506 | }; | ||
507 | #define G1 (ptr_to_globals[-1]) | ||
508 | #define G (*(struct globals2 *)ptr_to_globals) | ||
509 | /* For debug. nm --size-sort awk.o | grep -vi ' [tr] ' */ | ||
510 | -/*char G1size[sizeof(G1)]; - 0x74 */ | ||
511 | -/*char Gsize[sizeof(G)]; - 0x1c4 */ | ||
512 | +//char G1size[sizeof(G1)]; // 0x70 | ||
513 | +//char Gsize[sizeof(G)]; // 0x2f8 | ||
514 | /* Trying to keep most of members accessible with short offsets: */ | ||
515 | -/*char Gofs_seed[offsetof(struct globals2, evaluate__seed)]; - 0x90 */ | ||
516 | +//char Gofs_seed[offsetof(struct globals2, evaluate__seed)]; // 0x7c | ||
517 | #define t_double (G1.t_double ) | ||
518 | #define beginseq (G1.beginseq ) | ||
519 | #define mainseq (G1.mainseq ) | ||
520 | @@ -549,18 +619,20 @@ struct globals2 { | ||
521 | #define break_ptr (G1.break_ptr ) | ||
522 | #define continue_ptr (G1.continue_ptr) | ||
523 | #define iF (G1.iF ) | ||
524 | -#define vhash (G1.vhash ) | ||
525 | #define ahash (G1.ahash ) | ||
526 | -#define fdhash (G1.fdhash ) | ||
527 | #define fnhash (G1.fnhash ) | ||
528 | +#define vhash (G1.vhash ) | ||
529 | +#define fdhash ahash | ||
530 | +//^^^^^^^^^^^^^^^^^^ ahash is cleared after every function parsing, | ||
531 | +// and ends up empty after parsing phase. Thus, we can simply reuse it | ||
532 | +// for fdhash in execution stage. | ||
533 | #define g_progname (G1.g_progname ) | ||
534 | #define g_lineno (G1.g_lineno ) | ||
535 | #define nfields (G1.nfields ) | ||
536 | #define maxfields (G1.maxfields ) | ||
537 | #define Fields (G1.Fields ) | ||
538 | -#define g_cb (G1.g_cb ) | ||
539 | #define g_pos (G1.g_pos ) | ||
540 | -#define g_buf (G1.g_buf ) | ||
541 | +#define g_saved_ch (G1.g_saved_ch ) | ||
542 | #define icase (G1.icase ) | ||
543 | #define exiting (G1.exiting ) | ||
544 | #define nextrec (G1.nextrec ) | ||
545 | @@ -574,25 +646,13 @@ struct globals2 { | ||
546 | #define intvar (G.intvar ) | ||
547 | #define fsplitter (G.fsplitter ) | ||
548 | #define rsplitter (G.rsplitter ) | ||
549 | +#define g_buf (G.g_buf ) | ||
550 | #define INIT_G() do { \ | ||
551 | SET_PTR_TO_GLOBALS((char*)xzalloc(sizeof(G1)+sizeof(G)) + sizeof(G1)); \ | ||
552 | - G.next_token__ltclass = TC_OPTERM; \ | ||
553 | + t_tclass = TC_NEWLINE; \ | ||
554 | G.evaluate__seed = 1; \ | ||
555 | } while (0) | ||
556 | |||
557 | - | ||
558 | -/* function prototypes */ | ||
559 | -static void handle_special(var *); | ||
560 | -static node *parse_expr(uint32_t); | ||
561 | -static void chain_group(void); | ||
562 | -static var *evaluate(node *, var *); | ||
563 | -static rstream *next_input_file(void); | ||
564 | -static int fmt_num(char *, int, const char *, double, int); | ||
565 | -static int awk_exit(int) NORETURN; | ||
566 | - | ||
567 | -/* ---- error handling ---- */ | ||
568 | - | ||
569 | -static const char EMSG_INTERNAL_ERROR[] ALIGN1 = "Internal error"; | ||
570 | static const char EMSG_UNEXP_EOS[] ALIGN1 = "Unexpected end of string"; | ||
571 | static const char EMSG_UNEXP_TOKEN[] ALIGN1 = "Unexpected token"; | ||
572 | static const char EMSG_DIV_BY_ZERO[] ALIGN1 = "Division by zero"; | ||
573 | @@ -604,10 +664,7 @@ static const char EMSG_UNDEF_FUNC[] ALIGN1 = "Call to undefined function"; | ||
574 | static const char EMSG_NO_MATH[] ALIGN1 = "Math support is not compiled in"; | ||
575 | static const char EMSG_NEGATIVE_FIELD[] ALIGN1 = "Access to negative field"; | ||
576 | |||
577 | -static void zero_out_var(var *vp) | ||
578 | -{ | ||
579 | - memset(vp, 0, sizeof(*vp)); | ||
580 | -} | ||
581 | +static int awk_exit(void) NORETURN; | ||
582 | |||
583 | static void syntax_error(const char *message) NORETURN; | ||
584 | static void syntax_error(const char *message) | ||
585 | @@ -638,12 +695,40 @@ static xhash *hash_init(void) | ||
586 | return newhash; | ||
587 | } | ||
588 | |||
589 | +static void hash_clear(xhash *hash) | ||
590 | +{ | ||
591 | + unsigned i; | ||
592 | + hash_item *hi, *thi; | ||
593 | + | ||
594 | + for (i = 0; i < hash->csize; i++) { | ||
595 | + hi = hash->items[i]; | ||
596 | + while (hi) { | ||
597 | + thi = hi; | ||
598 | + hi = hi->next; | ||
599 | +//FIXME: this assumes that it's a hash of *variables*: | ||
600 | + free(thi->data.v.string); | ||
601 | + free(thi); | ||
602 | + } | ||
603 | + hash->items[i] = NULL; | ||
604 | + } | ||
605 | + hash->glen = hash->nel = 0; | ||
606 | +} | ||
607 | + | ||
608 | +#if 0 //UNUSED | ||
609 | +static void hash_free(xhash *hash) | ||
610 | +{ | ||
611 | + hash_clear(hash); | ||
612 | + free(hash->items); | ||
613 | + free(hash); | ||
614 | +} | ||
615 | +#endif | ||
616 | + | ||
617 | /* find item in hash, return ptr to data, NULL if not found */ | ||
618 | -static void *hash_search(xhash *hash, const char *name) | ||
619 | +static NOINLINE void *hash_search3(xhash *hash, const char *name, unsigned idx) | ||
620 | { | ||
621 | hash_item *hi; | ||
622 | |||
623 | - hi = hash->items[hashidx(name) % hash->csize]; | ||
624 | + hi = hash->items[idx % hash->csize]; | ||
625 | while (hi) { | ||
626 | if (strcmp(hi->name, name) == 0) | ||
627 | return &hi->data; | ||
628 | @@ -652,6 +737,11 @@ static void *hash_search(xhash *hash, const char *name) | ||
629 | return NULL; | ||
630 | } | ||
631 | |||
632 | +static void *hash_search(xhash *hash, const char *name) | ||
633 | +{ | ||
634 | + return hash_search3(hash, name, hashidx(name)); | ||
635 | +} | ||
636 | + | ||
637 | /* grow hash if it becomes too big */ | ||
638 | static void hash_rebuild(xhash *hash) | ||
639 | { | ||
640 | @@ -687,16 +777,17 @@ static void *hash_find(xhash *hash, const char *name) | ||
641 | unsigned idx; | ||
642 | int l; | ||
643 | |||
644 | - hi = hash_search(hash, name); | ||
645 | + idx = hashidx(name); | ||
646 | + hi = hash_search3(hash, name, idx); | ||
647 | if (!hi) { | ||
648 | - if (++hash->nel / hash->csize > 10) | ||
649 | + if (++hash->nel > hash->csize * 8) | ||
650 | hash_rebuild(hash); | ||
651 | |||
652 | l = strlen(name) + 1; | ||
653 | hi = xzalloc(sizeof(*hi) + l); | ||
654 | strcpy(hi->name, name); | ||
655 | |||
656 | - idx = hashidx(name) % hash->csize; | ||
657 | + idx = idx % hash->csize; | ||
658 | hi->next = hash->items[idx]; | ||
659 | hash->items[idx] = hi; | ||
660 | hash->glen += l; | ||
661 | @@ -731,7 +822,7 @@ static void hash_remove(xhash *hash, const char *name) | ||
662 | |||
663 | static char *skip_spaces(char *p) | ||
664 | { | ||
665 | - while (1) { | ||
666 | + for (;;) { | ||
667 | if (*p == '\\' && p[1] == '\n') { | ||
668 | p++; | ||
669 | t_lineno++; | ||
670 | @@ -747,8 +838,10 @@ static char *skip_spaces(char *p) | ||
671 | static char *nextword(char **s) | ||
672 | { | ||
673 | char *p = *s; | ||
674 | - while (*(*s)++ != '\0') | ||
675 | + char *q = p; | ||
676 | + while (*q++ != '\0') | ||
677 | continue; | ||
678 | + *s = q; | ||
679 | return p; | ||
680 | } | ||
681 | |||
682 | @@ -811,10 +904,27 @@ static double my_strtod(char **pp) | ||
683 | |||
684 | /* -------- working with variables (set/get/copy/etc) -------- */ | ||
685 | |||
686 | -static xhash *iamarray(var *v) | ||
687 | +static void fmt_num(const char *format, double n) | ||
688 | { | ||
689 | - var *a = v; | ||
690 | + if (n == (long long)n) { | ||
691 | + snprintf(g_buf, MAXVARFMT, "%lld", (long long)n); | ||
692 | + } else { | ||
693 | + const char *s = format; | ||
694 | + char c; | ||
695 | + | ||
696 | + do { c = *s; } while (c && *++s); | ||
697 | + if (strchr("diouxX", c)) { | ||
698 | + snprintf(g_buf, MAXVARFMT, format, (int)n); | ||
699 | + } else if (strchr("eEfFgGaA", c)) { | ||
700 | + snprintf(g_buf, MAXVARFMT, format, n); | ||
701 | + } else { | ||
702 | + syntax_error(EMSG_INV_FMT); | ||
703 | + } | ||
704 | + } | ||
705 | +} | ||
706 | |||
707 | +static xhash *iamarray(var *a) | ||
708 | +{ | ||
709 | while (a->type & VF_CHILD) | ||
710 | a = a->x.parent; | ||
711 | |||
712 | @@ -825,23 +935,7 @@ static xhash *iamarray(var *v) | ||
713 | return a->x.array; | ||
714 | } | ||
715 | |||
716 | -static void clear_array(xhash *array) | ||
717 | -{ | ||
718 | - unsigned i; | ||
719 | - hash_item *hi, *thi; | ||
720 | - | ||
721 | - for (i = 0; i < array->csize; i++) { | ||
722 | - hi = array->items[i]; | ||
723 | - while (hi) { | ||
724 | - thi = hi; | ||
725 | - hi = hi->next; | ||
726 | - free(thi->data.v.string); | ||
727 | - free(thi); | ||
728 | - } | ||
729 | - array->items[i] = NULL; | ||
730 | - } | ||
731 | - array->glen = array->nel = 0; | ||
732 | -} | ||
733 | +#define clear_array(array) hash_clear(array) | ||
734 | |||
735 | /* clear a variable */ | ||
736 | static var *clrvar(var *v) | ||
737 | @@ -855,6 +949,8 @@ static var *clrvar(var *v) | ||
738 | return v; | ||
739 | } | ||
740 | |||
741 | +static void handle_special(var *); | ||
742 | + | ||
743 | /* assign string value to variable */ | ||
744 | static var *setvar_p(var *v, char *value) | ||
745 | { | ||
746 | @@ -901,7 +997,7 @@ static const char *getvar_s(var *v) | ||
747 | { | ||
748 | /* if v is numeric and has no cached string, convert it to string */ | ||
749 | if ((v->type & (VF_NUMBER | VF_CACHED)) == VF_NUMBER) { | ||
750 | - fmt_num(g_buf, MAXVARFMT, getvar_s(intvar[CONVFMT]), v->number, TRUE); | ||
751 | + fmt_num(getvar_s(intvar[CONVFMT]), v->number); | ||
752 | v->string = xstrdup(g_buf); | ||
753 | v->type |= VF_CACHED; | ||
754 | } | ||
755 | @@ -920,6 +1016,7 @@ static double getvar_i(var *v) | ||
756 | v->number = my_strtod(&s); | ||
757 | debug_printf_eval("%f (s:'%s')\n", v->number, s); | ||
758 | if (v->type & VF_USER) { | ||
759 | +//TODO: skip_spaces() also skips backslash+newline, is it intended here? | ||
760 | s = skip_spaces(s); | ||
761 | if (*s != '\0') | ||
762 | v->type &= ~VF_USER; | ||
763 | @@ -981,94 +1078,28 @@ static int istrue(var *v) | ||
764 | return (v->string && v->string[0]); | ||
765 | } | ||
766 | |||
767 | -/* temporary variables allocator. Last allocated should be first freed */ | ||
768 | -static var *nvalloc(int n) | ||
769 | -{ | ||
770 | - nvblock *pb = NULL; | ||
771 | - var *v, *r; | ||
772 | - int size; | ||
773 | - | ||
774 | - while (g_cb) { | ||
775 | - pb = g_cb; | ||
776 | - if ((g_cb->pos - g_cb->nv) + n <= g_cb->size) | ||
777 | - break; | ||
778 | - g_cb = g_cb->next; | ||
779 | - } | ||
780 | - | ||
781 | - if (!g_cb) { | ||
782 | - size = (n <= MINNVBLOCK) ? MINNVBLOCK : n; | ||
783 | - g_cb = xzalloc(sizeof(nvblock) + size * sizeof(var)); | ||
784 | - g_cb->size = size; | ||
785 | - g_cb->pos = g_cb->nv; | ||
786 | - g_cb->prev = pb; | ||
787 | - /*g_cb->next = NULL; - xzalloc did it */ | ||
788 | - if (pb) | ||
789 | - pb->next = g_cb; | ||
790 | - } | ||
791 | - | ||
792 | - v = r = g_cb->pos; | ||
793 | - g_cb->pos += n; | ||
794 | - | ||
795 | - while (v < g_cb->pos) { | ||
796 | - v->type = 0; | ||
797 | - v->string = NULL; | ||
798 | - v++; | ||
799 | - } | ||
800 | - | ||
801 | - return r; | ||
802 | -} | ||
803 | - | ||
804 | -static void nvfree(var *v) | ||
805 | -{ | ||
806 | - var *p; | ||
807 | - | ||
808 | - if (v < g_cb->nv || v >= g_cb->pos) | ||
809 | - syntax_error(EMSG_INTERNAL_ERROR); | ||
810 | - | ||
811 | - for (p = v; p < g_cb->pos; p++) { | ||
812 | - if ((p->type & (VF_ARRAY | VF_CHILD)) == VF_ARRAY) { | ||
813 | - clear_array(iamarray(p)); | ||
814 | - free(p->x.array->items); | ||
815 | - free(p->x.array); | ||
816 | - } | ||
817 | - if (p->type & VF_WALK) { | ||
818 | - walker_list *n; | ||
819 | - walker_list *w = p->x.walker; | ||
820 | - debug_printf_walker("nvfree: freeing walker @%p\n", &p->x.walker); | ||
821 | - p->x.walker = NULL; | ||
822 | - while (w) { | ||
823 | - n = w->prev; | ||
824 | - debug_printf_walker(" free(%p)\n", w); | ||
825 | - free(w); | ||
826 | - w = n; | ||
827 | - } | ||
828 | - } | ||
829 | - clrvar(p); | ||
830 | - } | ||
831 | - | ||
832 | - g_cb->pos = v; | ||
833 | - while (g_cb->prev && g_cb->pos == g_cb->nv) { | ||
834 | - g_cb = g_cb->prev; | ||
835 | - } | ||
836 | -} | ||
837 | - | ||
838 | /* ------- awk program text parsing ------- */ | ||
839 | |||
840 | -/* Parse next token pointed by global pos, place results into global ttt. | ||
841 | - * If token isn't expected, give away. Return token class | ||
842 | +/* Parse next token pointed by global pos, place results into global t_XYZ variables. | ||
843 | + * If token isn't expected, print error message and die. | ||
844 | + * Return token class (also store it in t_tclass). | ||
845 | */ | ||
846 | static uint32_t next_token(uint32_t expected) | ||
847 | { | ||
848 | -#define concat_inserted (G.next_token__concat_inserted) | ||
849 | -#define save_tclass (G.next_token__save_tclass) | ||
850 | -#define save_info (G.next_token__save_info) | ||
851 | -/* Initialized to TC_OPTERM: */ | ||
852 | -#define ltclass (G.next_token__ltclass) | ||
853 | +#define concat_inserted (G1.next_token__concat_inserted) | ||
854 | +#define save_tclass (G1.next_token__save_tclass) | ||
855 | +#define save_info (G1.next_token__save_info) | ||
856 | |||
857 | - char *p, *s; | ||
858 | + char *p; | ||
859 | const char *tl; | ||
860 | - uint32_t tc; | ||
861 | const uint32_t *ti; | ||
862 | + uint32_t tc, last_token_class; | ||
863 | + | ||
864 | + last_token_class = t_tclass; /* t_tclass is initialized to TC_NEWLINE */ | ||
865 | + | ||
866 | + debug_printf_parse("%s() expected(%x):", __func__, expected); | ||
867 | + debug_parse_print_tc(expected); | ||
868 | + debug_printf_parse("\n"); | ||
869 | |||
870 | if (t_rollback) { | ||
871 | debug_printf_parse("%s: using rolled-back token\n", __func__); | ||
872 | @@ -1080,6 +1111,10 @@ static uint32_t next_token(uint32_t expected) | ||
873 | t_info = save_info; | ||
874 | } else { | ||
875 | p = g_pos; | ||
876 | + if (g_saved_ch != '\0') { | ||
877 | + *p = g_saved_ch; | ||
878 | + g_saved_ch = '\0'; | ||
879 | + } | ||
880 | readnext: | ||
881 | p = skip_spaces(p); | ||
882 | g_lineno = t_lineno; | ||
883 | @@ -1087,15 +1122,12 @@ static uint32_t next_token(uint32_t expected) | ||
884 | while (*p != '\n' && *p != '\0') | ||
885 | p++; | ||
886 | |||
887 | - if (*p == '\n') | ||
888 | - t_lineno++; | ||
889 | - | ||
890 | if (*p == '\0') { | ||
891 | tc = TC_EOF; | ||
892 | debug_printf_parse("%s: token found: TC_EOF\n", __func__); | ||
893 | } else if (*p == '\"') { | ||
894 | /* it's a string */ | ||
895 | - t_string = s = ++p; | ||
896 | + char *s = t_string = ++p; | ||
897 | while (*p != '\"') { | ||
898 | char *pp; | ||
899 | if (*p == '\0' || *p == '\n') | ||
900 | @@ -1110,7 +1142,7 @@ static uint32_t next_token(uint32_t expected) | ||
901 | debug_printf_parse("%s: token found:'%s' TC_STRING\n", __func__, t_string); | ||
902 | } else if ((expected & TC_REGEXP) && *p == '/') { | ||
903 | /* it's regexp */ | ||
904 | - t_string = s = ++p; | ||
905 | + char *s = t_string = ++p; | ||
906 | while (*p != '/') { | ||
907 | if (*p == '\0' || *p == '\n') | ||
908 | syntax_error(EMSG_UNEXP_EOS); | ||
909 | @@ -1141,6 +1173,11 @@ static uint32_t next_token(uint32_t expected) | ||
910 | tc = TC_NUMBER; | ||
911 | debug_printf_parse("%s: token found:%f TC_NUMBER\n", __func__, t_double); | ||
912 | } else { | ||
913 | + char *end_of_name; | ||
914 | + | ||
915 | + if (*p == '\n') | ||
916 | + t_lineno++; | ||
917 | + | ||
918 | /* search for something known */ | ||
919 | tl = tokenlist; | ||
920 | tc = 0x00000001; | ||
921 | @@ -1155,9 +1192,9 @@ static uint32_t next_token(uint32_t expected) | ||
922 | * token matches, | ||
923 | * and it's not a longer word, | ||
924 | */ | ||
925 | - if ((tc & (expected | TC_WORD | TC_NEWLINE)) | ||
926 | + if ((tc & (expected | TS_WORD | TC_NEWLINE)) | ||
927 | && strncmp(p, tl, l) == 0 | ||
928 | - && !((tc & TC_WORD) && isalnum_(p[l])) | ||
929 | + && !((tc & TS_WORD) && isalnum_(p[l])) | ||
930 | ) { | ||
931 | /* then this is what we are looking for */ | ||
932 | t_info = *ti; | ||
933 | @@ -1174,67 +1211,94 @@ static uint32_t next_token(uint32_t expected) | ||
934 | if (!isalnum_(*p)) | ||
935 | syntax_error(EMSG_UNEXP_TOKEN); /* no */ | ||
936 | /* yes */ | ||
937 | - t_string = --p; | ||
938 | - while (isalnum_(*++p)) { | ||
939 | - p[-1] = *p; | ||
940 | - } | ||
941 | - p[-1] = '\0'; | ||
942 | - tc = TC_VARIABLE; | ||
943 | - /* also consume whitespace between functionname and bracket */ | ||
944 | - if (!(expected & TC_VARIABLE) || (expected & TC_ARRAY)) | ||
945 | + t_string = p; | ||
946 | + while (isalnum_(*p)) | ||
947 | + p++; | ||
948 | + end_of_name = p; | ||
949 | + | ||
950 | + if (last_token_class == TC_FUNCDECL) | ||
951 | + /* eat space in "function FUNC (...) {...}" declaration */ | ||
952 | p = skip_spaces(p); | ||
953 | + else if (expected & TC_ARRAY) { | ||
954 | + /* eat space between array name and [ */ | ||
955 | + char *s = skip_spaces(p); | ||
956 | + if (*s == '[') /* array ref, not just a name? */ | ||
957 | + p = s; | ||
958 | + } | ||
959 | + /* else: do NOT consume whitespace after variable name! | ||
960 | + * gawk allows definition "function FUNC (p) {...}" - note space, | ||
961 | + * but disallows the call "FUNC (p)" because it isn't one - | ||
962 | + * expression "v (a)" should NOT be parsed as TC_FUNCTION: | ||
963 | + * it is a valid concatenation if "v" is a variable, | ||
964 | + * not a function name (and type of name is not known at parse time). | ||
965 | + */ | ||
966 | + | ||
967 | if (*p == '(') { | ||
968 | + p++; | ||
969 | tc = TC_FUNCTION; | ||
970 | debug_printf_parse("%s: token found:'%s' TC_FUNCTION\n", __func__, t_string); | ||
971 | + } else if (*p == '[') { | ||
972 | + p++; | ||
973 | + tc = TC_ARRAY; | ||
974 | + debug_printf_parse("%s: token found:'%s' TC_ARRAY\n", __func__, t_string); | ||
975 | } else { | ||
976 | - if (*p == '[') { | ||
977 | - p++; | ||
978 | - tc = TC_ARRAY; | ||
979 | - debug_printf_parse("%s: token found:'%s' TC_ARRAY\n", __func__, t_string); | ||
980 | - } else | ||
981 | - debug_printf_parse("%s: token found:'%s' TC_VARIABLE\n", __func__, t_string); | ||
982 | + tc = TC_VARIABLE; | ||
983 | + debug_printf_parse("%s: token found:'%s' TC_VARIABLE\n", __func__, t_string); | ||
984 | + if (end_of_name == p) { | ||
985 | + /* there is no space for trailing NUL in t_string! | ||
986 | + * We need to save the char we are going to NUL. | ||
987 | + * (we'll use it in future call to next_token()) | ||
988 | + */ | ||
989 | + g_saved_ch = *end_of_name; | ||
990 | +// especially pathological example is V="abc"; V.2 - it's V concatenated to .2 | ||
991 | +// (it evaluates to "abc0.2"). Because of this case, we can't simply cache | ||
992 | +// '.' and analyze it later: we also have to *store it back* in next | ||
993 | +// next_token(), in order to give my_strtod() the undamaged ".2" string. | ||
994 | + } | ||
995 | } | ||
996 | + *end_of_name = '\0'; /* terminate t_string */ | ||
997 | } | ||
998 | token_found: | ||
999 | g_pos = p; | ||
1000 | |||
1001 | /* skipping newlines in some cases */ | ||
1002 | - if ((ltclass & TC_NOTERM) && (tc & TC_NEWLINE)) | ||
1003 | + if ((last_token_class & TS_NOTERM) && (tc & TC_NEWLINE)) | ||
1004 | goto readnext; | ||
1005 | |||
1006 | /* insert concatenation operator when needed */ | ||
1007 | - debug_printf_parse("%s: %x %x %x concat_inserted?\n", __func__, | ||
1008 | - (ltclass & TC_CONCAT1), (tc & TC_CONCAT2), (expected & TC_BINOP)); | ||
1009 | - if ((ltclass & TC_CONCAT1) && (tc & TC_CONCAT2) && (expected & TC_BINOP) | ||
1010 | - && !(ltclass == TC_LENGTH && tc == TC_SEQSTART) /* but not for "length(..." */ | ||
1011 | + debug_printf_parse("%s: concat_inserted if all nonzero: %x %x %x %x\n", __func__, | ||
1012 | + (last_token_class & TS_CONCAT_L), (tc & TS_CONCAT_R), (expected & TS_BINOP), | ||
1013 | + !(last_token_class == TC_LENGTH && tc == TC_LPAREN)); | ||
1014 | + if ((last_token_class & TS_CONCAT_L) && (tc & TS_CONCAT_R) && (expected & TS_BINOP) | ||
1015 | + && !(last_token_class == TC_LENGTH && tc == TC_LPAREN) /* but not for "length(..." */ | ||
1016 | ) { | ||
1017 | concat_inserted = TRUE; | ||
1018 | save_tclass = tc; | ||
1019 | save_info = t_info; | ||
1020 | - tc = TC_BINOP; | ||
1021 | + tc = TC_BINOPX; | ||
1022 | t_info = OC_CONCAT | SS | P(35); | ||
1023 | } | ||
1024 | |||
1025 | - debug_printf_parse("%s: t_tclass=tc=%x\n", __func__, t_tclass); | ||
1026 | t_tclass = tc; | ||
1027 | + debug_printf_parse("%s: t_tclass=tc=%x\n", __func__, tc); | ||
1028 | } | ||
1029 | - ltclass = t_tclass; | ||
1030 | - | ||
1031 | /* Are we ready for this? */ | ||
1032 | - if (!(ltclass & expected)) { | ||
1033 | - syntax_error((ltclass & (TC_NEWLINE | TC_EOF)) ? | ||
1034 | + if (!(t_tclass & expected)) { | ||
1035 | + syntax_error((last_token_class & (TC_NEWLINE | TC_EOF)) ? | ||
1036 | EMSG_UNEXP_EOS : EMSG_UNEXP_TOKEN); | ||
1037 | } | ||
1038 | |||
1039 | - debug_printf_parse("%s: returning, ltclass:%x t_double:%f\n", __func__, ltclass, t_double); | ||
1040 | - return ltclass; | ||
1041 | + debug_printf_parse("%s: returning, t_double:%f t_tclass:", __func__, t_double); | ||
1042 | + debug_parse_print_tc(t_tclass); | ||
1043 | + debug_printf_parse("\n"); | ||
1044 | + | ||
1045 | + return t_tclass; | ||
1046 | #undef concat_inserted | ||
1047 | #undef save_tclass | ||
1048 | #undef save_info | ||
1049 | -#undef ltclass | ||
1050 | } | ||
1051 | |||
1052 | -static void rollback_token(void) | ||
1053 | +static ALWAYS_INLINE void rollback_token(void) | ||
1054 | { | ||
1055 | t_rollback = TRUE; | ||
1056 | } | ||
1057 | @@ -1251,169 +1315,188 @@ static node *new_node(uint32_t info) | ||
1058 | |||
1059 | static void mk_re_node(const char *s, node *n, regex_t *re) | ||
1060 | { | ||
1061 | - n->info = OC_REGEXP; | ||
1062 | + n->info = TI_REGEXP; | ||
1063 | n->l.re = re; | ||
1064 | n->r.ire = re + 1; | ||
1065 | xregcomp(re, s, REG_EXTENDED); | ||
1066 | xregcomp(re + 1, s, REG_EXTENDED | REG_ICASE); | ||
1067 | } | ||
1068 | |||
1069 | -static node *condition(void) | ||
1070 | +static node *parse_expr(uint32_t); | ||
1071 | + | ||
1072 | +static node *parse_lrparen_list(void) | ||
1073 | { | ||
1074 | - next_token(TC_SEQSTART); | ||
1075 | - return parse_expr(TC_SEQTERM); | ||
1076 | + next_token(TC_LPAREN); | ||
1077 | + return parse_expr(TC_RPAREN); | ||
1078 | } | ||
1079 | |||
1080 | /* parse expression terminated by given argument, return ptr | ||
1081 | * to built subtree. Terminator is eaten by parse_expr */ | ||
1082 | -static node *parse_expr(uint32_t iexp) | ||
1083 | +static node *parse_expr(uint32_t term_tc) | ||
1084 | { | ||
1085 | node sn; | ||
1086 | node *cn = &sn; | ||
1087 | node *vn, *glptr; | ||
1088 | - uint32_t tc, xtc; | ||
1089 | + uint32_t tc, expected_tc; | ||
1090 | var *v; | ||
1091 | |||
1092 | - debug_printf_parse("%s(%x)\n", __func__, iexp); | ||
1093 | + debug_printf_parse("%s() term_tc(%x):", __func__, term_tc); | ||
1094 | + debug_parse_print_tc(term_tc); | ||
1095 | + debug_printf_parse("\n"); | ||
1096 | |||
1097 | sn.info = PRIMASK; | ||
1098 | sn.r.n = sn.a.n = glptr = NULL; | ||
1099 | - xtc = TC_OPERAND | TC_UOPPRE | TC_REGEXP | iexp; | ||
1100 | + expected_tc = TS_OPERAND | TS_UOPPRE | TC_REGEXP | term_tc; | ||
1101 | |||
1102 | - while (!((tc = next_token(xtc)) & iexp)) { | ||
1103 | + while (!((tc = next_token(expected_tc)) & term_tc)) { | ||
1104 | |||
1105 | - if (glptr && (t_info == (OC_COMPARE | VV | P(39) | 2))) { | ||
1106 | + if (glptr && (t_info == TI_LESS)) { | ||
1107 | /* input redirection (<) attached to glptr node */ | ||
1108 | debug_printf_parse("%s: input redir\n", __func__); | ||
1109 | cn = glptr->l.n = new_node(OC_CONCAT | SS | P(37)); | ||
1110 | cn->a.n = glptr; | ||
1111 | - xtc = TC_OPERAND | TC_UOPPRE; | ||
1112 | + expected_tc = TS_OPERAND | TS_UOPPRE; | ||
1113 | glptr = NULL; | ||
1114 | - | ||
1115 | - } else if (tc & (TC_BINOP | TC_UOPPOST)) { | ||
1116 | - debug_printf_parse("%s: TC_BINOP | TC_UOPPOST tc:%x\n", __func__, tc); | ||
1117 | + continue; | ||
1118 | + } | ||
1119 | + if (tc & (TS_BINOP | TC_UOPPOST)) { | ||
1120 | + debug_printf_parse("%s: TS_BINOP | TC_UOPPOST tc:%x\n", __func__, tc); | ||
1121 | /* for binary and postfix-unary operators, jump back over | ||
1122 | * previous operators with higher priority */ | ||
1123 | vn = cn; | ||
1124 | while (((t_info & PRIMASK) > (vn->a.n->info & PRIMASK2)) | ||
1125 | - || ((t_info == vn->info) && ((t_info & OPCLSMASK) == OC_COLON)) | ||
1126 | + || ((t_info == vn->info) && t_info == TI_COLON) | ||
1127 | ) { | ||
1128 | vn = vn->a.n; | ||
1129 | if (!vn->a.n) syntax_error(EMSG_UNEXP_TOKEN); | ||
1130 | } | ||
1131 | - if ((t_info & OPCLSMASK) == OC_TERNARY) | ||
1132 | + if (t_info == TI_TERNARY) | ||
1133 | +//TODO: why? | ||
1134 | t_info += P(6); | ||
1135 | cn = vn->a.n->r.n = new_node(t_info); | ||
1136 | cn->a.n = vn->a.n; | ||
1137 | - if (tc & TC_BINOP) { | ||
1138 | + if (tc & TS_BINOP) { | ||
1139 | cn->l.n = vn; | ||
1140 | - xtc = TC_OPERAND | TC_UOPPRE | TC_REGEXP; | ||
1141 | - if ((t_info & OPCLSMASK) == OC_PGETLINE) { | ||
1142 | +//FIXME: this is the place to detect and reject assignments to non-lvalues. | ||
1143 | +//Currently we allow "assignments" to consts and temporaries, nonsense like this: | ||
1144 | +// awk 'BEGIN { "qwe" = 1 }' | ||
1145 | +// awk 'BEGIN { 7 *= 7 }' | ||
1146 | +// awk 'BEGIN { length("qwe") = 1 }' | ||
1147 | +// awk 'BEGIN { (1+1) += 3 }' | ||
1148 | + expected_tc = TS_OPERAND | TS_UOPPRE | TC_REGEXP; | ||
1149 | + if (t_info == TI_PGETLINE) { | ||
1150 | /* it's a pipe */ | ||
1151 | next_token(TC_GETLINE); | ||
1152 | /* give maximum priority to this pipe */ | ||
1153 | cn->info &= ~PRIMASK; | ||
1154 | - xtc = TC_OPERAND | TC_UOPPRE | TC_BINOP | iexp; | ||
1155 | + expected_tc = TS_OPERAND | TS_UOPPRE | TS_BINOP | term_tc; | ||
1156 | } | ||
1157 | } else { | ||
1158 | cn->r.n = vn; | ||
1159 | - xtc = TC_OPERAND | TC_UOPPRE | TC_BINOP | iexp; | ||
1160 | + expected_tc = TS_OPERAND | TS_UOPPRE | TS_BINOP | term_tc; | ||
1161 | } | ||
1162 | vn->a.n = cn; | ||
1163 | + continue; | ||
1164 | + } | ||
1165 | |||
1166 | - } else { | ||
1167 | - debug_printf_parse("%s: other\n", __func__); | ||
1168 | - /* for operands and prefix-unary operators, attach them | ||
1169 | - * to last node */ | ||
1170 | - vn = cn; | ||
1171 | - cn = vn->r.n = new_node(t_info); | ||
1172 | - cn->a.n = vn; | ||
1173 | - xtc = TC_OPERAND | TC_UOPPRE | TC_REGEXP; | ||
1174 | - if (tc & (TC_OPERAND | TC_REGEXP)) { | ||
1175 | - debug_printf_parse("%s: TC_OPERAND | TC_REGEXP\n", __func__); | ||
1176 | - xtc = TC_UOPPRE | TC_UOPPOST | TC_BINOP | TC_OPERAND | iexp; | ||
1177 | - /* one should be very careful with switch on tclass - | ||
1178 | - * only simple tclasses should be used! */ | ||
1179 | - switch (tc) { | ||
1180 | - case TC_VARIABLE: | ||
1181 | - case TC_ARRAY: | ||
1182 | - debug_printf_parse("%s: TC_VARIABLE | TC_ARRAY\n", __func__); | ||
1183 | - cn->info = OC_VAR; | ||
1184 | - v = hash_search(ahash, t_string); | ||
1185 | - if (v != NULL) { | ||
1186 | - cn->info = OC_FNARG; | ||
1187 | - cn->l.aidx = v->x.aidx; | ||
1188 | - } else { | ||
1189 | - cn->l.v = newvar(t_string); | ||
1190 | - } | ||
1191 | - if (tc & TC_ARRAY) { | ||
1192 | - cn->info |= xS; | ||
1193 | - cn->r.n = parse_expr(TC_ARRTERM); | ||
1194 | - } | ||
1195 | - break; | ||
1196 | + debug_printf_parse("%s: other, t_info:%x\n", __func__, t_info); | ||
1197 | + /* for operands and prefix-unary operators, attach them | ||
1198 | + * to last node */ | ||
1199 | + vn = cn; | ||
1200 | + cn = vn->r.n = new_node(t_info); | ||
1201 | + cn->a.n = vn; | ||
1202 | |||
1203 | - case TC_NUMBER: | ||
1204 | - case TC_STRING: | ||
1205 | - debug_printf_parse("%s: TC_NUMBER | TC_STRING\n", __func__); | ||
1206 | - cn->info = OC_VAR; | ||
1207 | - v = cn->l.v = xzalloc(sizeof(var)); | ||
1208 | - if (tc & TC_NUMBER) | ||
1209 | - setvar_i(v, t_double); | ||
1210 | - else { | ||
1211 | - setvar_s(v, t_string); | ||
1212 | - xtc &= ~TC_UOPPOST; /* "str"++ is not allowed */ | ||
1213 | - } | ||
1214 | - break; | ||
1215 | + expected_tc = TS_OPERAND | TS_UOPPRE | TC_REGEXP; | ||
1216 | + if (t_info == TI_PREINC || t_info == TI_PREDEC) | ||
1217 | + expected_tc = TS_LVALUE | TC_UOPPRE1; | ||
1218 | |||
1219 | - case TC_REGEXP: | ||
1220 | - debug_printf_parse("%s: TC_REGEXP\n", __func__); | ||
1221 | - mk_re_node(t_string, cn, xzalloc(sizeof(regex_t)*2)); | ||
1222 | - break; | ||
1223 | + if (!(tc & (TS_OPERAND | TC_REGEXP))) | ||
1224 | + continue; | ||
1225 | |||
1226 | - case TC_FUNCTION: | ||
1227 | - debug_printf_parse("%s: TC_FUNCTION\n", __func__); | ||
1228 | - cn->info = OC_FUNC; | ||
1229 | - cn->r.f = newfunc(t_string); | ||
1230 | - cn->l.n = condition(); | ||
1231 | - break; | ||
1232 | + debug_printf_parse("%s: TS_OPERAND | TC_REGEXP\n", __func__); | ||
1233 | + expected_tc = TS_UOPPRE | TC_UOPPOST | TS_BINOP | TS_OPERAND | term_tc; | ||
1234 | + /* one should be very careful with switch on tclass - | ||
1235 | + * only simple tclasses should be used (TC_xyz, not TS_xyz) */ | ||
1236 | + switch (tc) { | ||
1237 | + case TC_VARIABLE: | ||
1238 | + case TC_ARRAY: | ||
1239 | + debug_printf_parse("%s: TC_VARIABLE | TC_ARRAY\n", __func__); | ||
1240 | + cn->info = OC_VAR; | ||
1241 | + v = hash_search(ahash, t_string); | ||
1242 | + if (v != NULL) { | ||
1243 | + cn->info = OC_FNARG; | ||
1244 | + cn->l.aidx = v->x.aidx; | ||
1245 | + } else { | ||
1246 | + cn->l.v = newvar(t_string); | ||
1247 | + } | ||
1248 | + if (tc & TC_ARRAY) { | ||
1249 | + cn->info |= xS; | ||
1250 | + cn->r.n = parse_expr(TC_ARRTERM); | ||
1251 | + } | ||
1252 | + break; | ||
1253 | |||
1254 | - case TC_SEQSTART: | ||
1255 | - debug_printf_parse("%s: TC_SEQSTART\n", __func__); | ||
1256 | - cn = vn->r.n = parse_expr(TC_SEQTERM); | ||
1257 | - if (!cn) | ||
1258 | - syntax_error("Empty sequence"); | ||
1259 | - cn->a.n = vn; | ||
1260 | - break; | ||
1261 | + case TC_NUMBER: | ||
1262 | + case TC_STRING: | ||
1263 | + debug_printf_parse("%s: TC_NUMBER | TC_STRING\n", __func__); | ||
1264 | + cn->info = OC_VAR; | ||
1265 | + v = cn->l.v = xzalloc(sizeof(var)); | ||
1266 | + if (tc & TC_NUMBER) | ||
1267 | + setvar_i(v, t_double); | ||
1268 | + else { | ||
1269 | + setvar_s(v, t_string); | ||
1270 | + expected_tc &= ~TC_UOPPOST; /* "str"++ is not allowed */ | ||
1271 | + } | ||
1272 | + break; | ||
1273 | |||
1274 | - case TC_GETLINE: | ||
1275 | - debug_printf_parse("%s: TC_GETLINE\n", __func__); | ||
1276 | - glptr = cn; | ||
1277 | - xtc = TC_OPERAND | TC_UOPPRE | TC_BINOP | iexp; | ||
1278 | - break; | ||
1279 | + case TC_REGEXP: | ||
1280 | + debug_printf_parse("%s: TC_REGEXP\n", __func__); | ||
1281 | + mk_re_node(t_string, cn, xzalloc(sizeof(regex_t)*2)); | ||
1282 | + break; | ||
1283 | |||
1284 | - case TC_BUILTIN: | ||
1285 | - debug_printf_parse("%s: TC_BUILTIN\n", __func__); | ||
1286 | - cn->l.n = condition(); | ||
1287 | - break; | ||
1288 | + case TC_FUNCTION: | ||
1289 | + debug_printf_parse("%s: TC_FUNCTION\n", __func__); | ||
1290 | + cn->info = OC_FUNC; | ||
1291 | + cn->r.f = newfunc(t_string); | ||
1292 | + cn->l.n = parse_expr(TC_RPAREN); | ||
1293 | + break; | ||
1294 | |||
1295 | - case TC_LENGTH: | ||
1296 | - debug_printf_parse("%s: TC_LENGTH\n", __func__); | ||
1297 | - next_token(TC_SEQSTART /* length(...) */ | ||
1298 | - | TC_OPTERM /* length; (or newline)*/ | ||
1299 | - | TC_GRPTERM /* length } */ | ||
1300 | - | TC_BINOPX /* length <op> NUM */ | ||
1301 | - | TC_COMMA /* print length, 1 */ | ||
1302 | - ); | ||
1303 | - rollback_token(); | ||
1304 | - if (t_tclass & TC_SEQSTART) { | ||
1305 | - /* It was a "(" token. Handle just like TC_BUILTIN */ | ||
1306 | - cn->l.n = condition(); | ||
1307 | - } | ||
1308 | - break; | ||
1309 | - } | ||
1310 | + case TC_LPAREN: | ||
1311 | + debug_printf_parse("%s: TC_LPAREN\n", __func__); | ||
1312 | + cn = vn->r.n = parse_expr(TC_RPAREN); | ||
1313 | + if (!cn) | ||
1314 | + syntax_error("Empty sequence"); | ||
1315 | + cn->a.n = vn; | ||
1316 | + break; | ||
1317 | + | ||
1318 | + case TC_GETLINE: | ||
1319 | + debug_printf_parse("%s: TC_GETLINE\n", __func__); | ||
1320 | + glptr = cn; | ||
1321 | + expected_tc = TS_OPERAND | TS_UOPPRE | TS_BINOP | term_tc; | ||
1322 | + break; | ||
1323 | + | ||
1324 | + case TC_BUILTIN: | ||
1325 | + debug_printf_parse("%s: TC_BUILTIN\n", __func__); | ||
1326 | + cn->l.n = parse_lrparen_list(); | ||
1327 | + break; | ||
1328 | + | ||
1329 | + case TC_LENGTH: | ||
1330 | + debug_printf_parse("%s: TC_LENGTH\n", __func__); | ||
1331 | + tc = next_token(TC_LPAREN /* length(...) */ | ||
1332 | + | TC_SEMICOL /* length; */ | ||
1333 | + | TC_NEWLINE /* length<newline> */ | ||
1334 | + | TC_RBRACE /* length } */ | ||
1335 | + | TC_BINOPX /* length <op> NUM */ | ||
1336 | + | TC_COMMA /* print length, 1 */ | ||
1337 | + ); | ||
1338 | + if (tc != TC_LPAREN) | ||
1339 | + rollback_token(); | ||
1340 | + else { | ||
1341 | + /* It was a "(" token. Handle just like TC_BUILTIN */ | ||
1342 | + cn->l.n = parse_expr(TC_RPAREN); | ||
1343 | } | ||
1344 | + break; | ||
1345 | } | ||
1346 | - } | ||
1347 | + } /* while() */ | ||
1348 | |||
1349 | debug_printf_parse("%s() returns %p\n", __func__, sn.r.n); | ||
1350 | return sn.r.n; | ||
1351 | @@ -1430,7 +1513,7 @@ static node *chain_node(uint32_t info) | ||
1352 | if (seq->programname != g_progname) { | ||
1353 | seq->programname = g_progname; | ||
1354 | n = chain_node(OC_NEWSOURCE); | ||
1355 | - n->l.new_progname = xstrdup(g_progname); | ||
1356 | + n->l.new_progname = g_progname; | ||
1357 | } | ||
1358 | |||
1359 | n = seq->last; | ||
1360 | @@ -1446,14 +1529,16 @@ static void chain_expr(uint32_t info) | ||
1361 | |||
1362 | n = chain_node(info); | ||
1363 | |||
1364 | - n->l.n = parse_expr(TC_OPTERM | TC_GRPTERM); | ||
1365 | + n->l.n = parse_expr(TC_SEMICOL | TC_NEWLINE | TC_RBRACE); | ||
1366 | if ((info & OF_REQUIRED) && !n->l.n) | ||
1367 | syntax_error(EMSG_TOO_FEW_ARGS); | ||
1368 | |||
1369 | - if (t_tclass & TC_GRPTERM) | ||
1370 | + if (t_tclass & TC_RBRACE) | ||
1371 | rollback_token(); | ||
1372 | } | ||
1373 | |||
1374 | +static void chain_group(void); | ||
1375 | + | ||
1376 | static node *chain_loop(node *nn) | ||
1377 | { | ||
1378 | node *n, *n2, *save_brk, *save_cont; | ||
1379 | @@ -1477,207 +1562,284 @@ static node *chain_loop(node *nn) | ||
1380 | return n; | ||
1381 | } | ||
1382 | |||
1383 | +static void chain_until_rbrace(void) | ||
1384 | +{ | ||
1385 | + uint32_t tc; | ||
1386 | + while ((tc = next_token(TS_GRPSEQ | TC_RBRACE)) != TC_RBRACE) { | ||
1387 | + debug_printf_parse("%s: !TC_RBRACE\n", __func__); | ||
1388 | + if (tc == TC_NEWLINE) | ||
1389 | + continue; | ||
1390 | + rollback_token(); | ||
1391 | + chain_group(); | ||
1392 | + } | ||
1393 | + debug_printf_parse("%s: TC_RBRACE\n", __func__); | ||
1394 | +} | ||
1395 | + | ||
1396 | /* parse group and attach it to chain */ | ||
1397 | static void chain_group(void) | ||
1398 | { | ||
1399 | - uint32_t c; | ||
1400 | + uint32_t tc; | ||
1401 | node *n, *n2, *n3; | ||
1402 | |||
1403 | do { | ||
1404 | - c = next_token(TC_GRPSEQ); | ||
1405 | - } while (c & TC_NEWLINE); | ||
1406 | - | ||
1407 | - if (c & TC_GRPSTART) { | ||
1408 | - debug_printf_parse("%s: TC_GRPSTART\n", __func__); | ||
1409 | - while (next_token(TC_GRPSEQ | TC_GRPTERM) != TC_GRPTERM) { | ||
1410 | - debug_printf_parse("%s: !TC_GRPTERM\n", __func__); | ||
1411 | - if (t_tclass & TC_NEWLINE) | ||
1412 | - continue; | ||
1413 | - rollback_token(); | ||
1414 | - chain_group(); | ||
1415 | - } | ||
1416 | - debug_printf_parse("%s: TC_GRPTERM\n", __func__); | ||
1417 | - } else if (c & (TC_OPSEQ | TC_OPTERM)) { | ||
1418 | - debug_printf_parse("%s: TC_OPSEQ | TC_OPTERM\n", __func__); | ||
1419 | + tc = next_token(TS_GRPSEQ); | ||
1420 | + } while (tc == TC_NEWLINE); | ||
1421 | + | ||
1422 | + if (tc == TC_LBRACE) { | ||
1423 | + debug_printf_parse("%s: TC_LBRACE\n", __func__); | ||
1424 | + chain_until_rbrace(); | ||
1425 | + return; | ||
1426 | + } | ||
1427 | + if (tc & (TS_OPSEQ | TC_SEMICOL)) { | ||
1428 | + debug_printf_parse("%s: TS_OPSEQ | TC_SEMICOL\n", __func__); | ||
1429 | rollback_token(); | ||
1430 | chain_expr(OC_EXEC | Vx); | ||
1431 | - } else { | ||
1432 | - /* TC_STATEMNT */ | ||
1433 | - debug_printf_parse("%s: TC_STATEMNT(?)\n", __func__); | ||
1434 | - switch (t_info & OPCLSMASK) { | ||
1435 | - case ST_IF: | ||
1436 | - debug_printf_parse("%s: ST_IF\n", __func__); | ||
1437 | - n = chain_node(OC_BR | Vx); | ||
1438 | - n->l.n = condition(); | ||
1439 | + return; | ||
1440 | + } | ||
1441 | + | ||
1442 | + /* TS_STATEMNT */ | ||
1443 | + debug_printf_parse("%s: TS_STATEMNT(?)\n", __func__); | ||
1444 | + switch (t_info & OPCLSMASK) { | ||
1445 | + case ST_IF: | ||
1446 | + debug_printf_parse("%s: ST_IF\n", __func__); | ||
1447 | + n = chain_node(OC_BR | Vx); | ||
1448 | + n->l.n = parse_lrparen_list(); | ||
1449 | + chain_group(); | ||
1450 | + n2 = chain_node(OC_EXEC); | ||
1451 | + n->r.n = seq->last; | ||
1452 | + if (next_token(TS_GRPSEQ | TC_RBRACE | TC_ELSE) == TC_ELSE) { | ||
1453 | chain_group(); | ||
1454 | - n2 = chain_node(OC_EXEC); | ||
1455 | - n->r.n = seq->last; | ||
1456 | - if (next_token(TC_GRPSEQ | TC_GRPTERM | TC_ELSE) == TC_ELSE) { | ||
1457 | - chain_group(); | ||
1458 | - n2->a.n = seq->last; | ||
1459 | - } else { | ||
1460 | - rollback_token(); | ||
1461 | - } | ||
1462 | - break; | ||
1463 | + n2->a.n = seq->last; | ||
1464 | + } else { | ||
1465 | + rollback_token(); | ||
1466 | + } | ||
1467 | + break; | ||
1468 | |||
1469 | - case ST_WHILE: | ||
1470 | - debug_printf_parse("%s: ST_WHILE\n", __func__); | ||
1471 | - n2 = condition(); | ||
1472 | - n = chain_loop(NULL); | ||
1473 | - n->l.n = n2; | ||
1474 | - break; | ||
1475 | + case ST_WHILE: | ||
1476 | + debug_printf_parse("%s: ST_WHILE\n", __func__); | ||
1477 | + n2 = parse_lrparen_list(); | ||
1478 | + n = chain_loop(NULL); | ||
1479 | + n->l.n = n2; | ||
1480 | + break; | ||
1481 | |||
1482 | - case ST_DO: | ||
1483 | - debug_printf_parse("%s: ST_DO\n", __func__); | ||
1484 | - n2 = chain_node(OC_EXEC); | ||
1485 | - n = chain_loop(NULL); | ||
1486 | - n2->a.n = n->a.n; | ||
1487 | - next_token(TC_WHILE); | ||
1488 | - n->l.n = condition(); | ||
1489 | - break; | ||
1490 | + case ST_DO: | ||
1491 | + debug_printf_parse("%s: ST_DO\n", __func__); | ||
1492 | + n2 = chain_node(OC_EXEC); | ||
1493 | + n = chain_loop(NULL); | ||
1494 | + n2->a.n = n->a.n; | ||
1495 | + next_token(TC_WHILE); | ||
1496 | + n->l.n = parse_lrparen_list(); | ||
1497 | + break; | ||
1498 | |||
1499 | - case ST_FOR: | ||
1500 | - debug_printf_parse("%s: ST_FOR\n", __func__); | ||
1501 | - next_token(TC_SEQSTART); | ||
1502 | - n2 = parse_expr(TC_SEMICOL | TC_SEQTERM); | ||
1503 | - if (t_tclass & TC_SEQTERM) { /* for-in */ | ||
1504 | - if (!n2 || (n2->info & OPCLSMASK) != OC_IN) | ||
1505 | - syntax_error(EMSG_UNEXP_TOKEN); | ||
1506 | - n = chain_node(OC_WALKINIT | VV); | ||
1507 | - n->l.n = n2->l.n; | ||
1508 | - n->r.n = n2->r.n; | ||
1509 | - n = chain_loop(NULL); | ||
1510 | - n->info = OC_WALKNEXT | Vx; | ||
1511 | - n->l.n = n2->l.n; | ||
1512 | - } else { /* for (;;) */ | ||
1513 | - n = chain_node(OC_EXEC | Vx); | ||
1514 | - n->l.n = n2; | ||
1515 | - n2 = parse_expr(TC_SEMICOL); | ||
1516 | - n3 = parse_expr(TC_SEQTERM); | ||
1517 | - n = chain_loop(n3); | ||
1518 | - n->l.n = n2; | ||
1519 | - if (!n2) | ||
1520 | - n->info = OC_EXEC; | ||
1521 | - } | ||
1522 | - break; | ||
1523 | + case ST_FOR: | ||
1524 | + debug_printf_parse("%s: ST_FOR\n", __func__); | ||
1525 | + next_token(TC_LPAREN); | ||
1526 | + n2 = parse_expr(TC_SEMICOL | TC_RPAREN); | ||
1527 | + if (t_tclass & TC_RPAREN) { /* for (I in ARRAY) */ | ||
1528 | + if (!n2 || n2->info != TI_IN) | ||
1529 | + syntax_error(EMSG_UNEXP_TOKEN); | ||
1530 | + n = chain_node(OC_WALKINIT | VV); | ||
1531 | + n->l.n = n2->l.n; | ||
1532 | + n->r.n = n2->r.n; | ||
1533 | + n = chain_loop(NULL); | ||
1534 | + n->info = OC_WALKNEXT | Vx; | ||
1535 | + n->l.n = n2->l.n; | ||
1536 | + } else { /* for (;;) */ | ||
1537 | + n = chain_node(OC_EXEC | Vx); | ||
1538 | + n->l.n = n2; | ||
1539 | + n2 = parse_expr(TC_SEMICOL); | ||
1540 | + n3 = parse_expr(TC_RPAREN); | ||
1541 | + n = chain_loop(n3); | ||
1542 | + n->l.n = n2; | ||
1543 | + if (!n2) | ||
1544 | + n->info = OC_EXEC; | ||
1545 | + } | ||
1546 | + break; | ||
1547 | |||
1548 | - case OC_PRINT: | ||
1549 | - case OC_PRINTF: | ||
1550 | - debug_printf_parse("%s: OC_PRINT[F]\n", __func__); | ||
1551 | - n = chain_node(t_info); | ||
1552 | - n->l.n = parse_expr(TC_OPTERM | TC_OUTRDR | TC_GRPTERM); | ||
1553 | - if (t_tclass & TC_OUTRDR) { | ||
1554 | - n->info |= t_info; | ||
1555 | - n->r.n = parse_expr(TC_OPTERM | TC_GRPTERM); | ||
1556 | - } | ||
1557 | - if (t_tclass & TC_GRPTERM) | ||
1558 | - rollback_token(); | ||
1559 | - break; | ||
1560 | + case OC_PRINT: | ||
1561 | + case OC_PRINTF: | ||
1562 | + debug_printf_parse("%s: OC_PRINT[F]\n", __func__); | ||
1563 | + n = chain_node(t_info); | ||
1564 | + n->l.n = parse_expr(TC_SEMICOL | TC_NEWLINE | TC_OUTRDR | TC_RBRACE); | ||
1565 | + if (t_tclass & TC_OUTRDR) { | ||
1566 | + n->info |= t_info; | ||
1567 | + n->r.n = parse_expr(TC_SEMICOL | TC_NEWLINE | TC_RBRACE); | ||
1568 | + } | ||
1569 | + if (t_tclass & TC_RBRACE) | ||
1570 | + rollback_token(); | ||
1571 | + break; | ||
1572 | |||
1573 | - case OC_BREAK: | ||
1574 | - debug_printf_parse("%s: OC_BREAK\n", __func__); | ||
1575 | - n = chain_node(OC_EXEC); | ||
1576 | - n->a.n = break_ptr; | ||
1577 | - chain_expr(t_info); | ||
1578 | - break; | ||
1579 | + case OC_BREAK: | ||
1580 | + debug_printf_parse("%s: OC_BREAK\n", __func__); | ||
1581 | + n = chain_node(OC_EXEC); | ||
1582 | + if (!break_ptr) | ||
1583 | + syntax_error("'break' not in a loop"); | ||
1584 | + n->a.n = break_ptr; | ||
1585 | + chain_expr(t_info); | ||
1586 | + break; | ||
1587 | |||
1588 | - case OC_CONTINUE: | ||
1589 | - debug_printf_parse("%s: OC_CONTINUE\n", __func__); | ||
1590 | - n = chain_node(OC_EXEC); | ||
1591 | - n->a.n = continue_ptr; | ||
1592 | - chain_expr(t_info); | ||
1593 | - break; | ||
1594 | + case OC_CONTINUE: | ||
1595 | + debug_printf_parse("%s: OC_CONTINUE\n", __func__); | ||
1596 | + n = chain_node(OC_EXEC); | ||
1597 | + if (!continue_ptr) | ||
1598 | + syntax_error("'continue' not in a loop"); | ||
1599 | + n->a.n = continue_ptr; | ||
1600 | + chain_expr(t_info); | ||
1601 | + break; | ||
1602 | |||
1603 | - /* delete, next, nextfile, return, exit */ | ||
1604 | - default: | ||
1605 | - debug_printf_parse("%s: default\n", __func__); | ||
1606 | - chain_expr(t_info); | ||
1607 | - } | ||
1608 | + /* delete, next, nextfile, return, exit */ | ||
1609 | + default: | ||
1610 | + debug_printf_parse("%s: default\n", __func__); | ||
1611 | + chain_expr(t_info); | ||
1612 | } | ||
1613 | } | ||
1614 | |||
1615 | static void parse_program(char *p) | ||
1616 | { | ||
1617 | - uint32_t tclass; | ||
1618 | - node *cn; | ||
1619 | - func *f; | ||
1620 | - var *v; | ||
1621 | + debug_printf_parse("%s()\n", __func__); | ||
1622 | |||
1623 | g_pos = p; | ||
1624 | t_lineno = 1; | ||
1625 | - while ((tclass = next_token(TC_EOF | TC_OPSEQ | TC_GRPSTART | | ||
1626 | - TC_OPTERM | TC_BEGIN | TC_END | TC_FUNCDECL)) != TC_EOF) { | ||
1627 | + for (;;) { | ||
1628 | + uint32_t tclass; | ||
1629 | |||
1630 | - if (tclass & TC_OPTERM) { | ||
1631 | - debug_printf_parse("%s: TC_OPTERM\n", __func__); | ||
1632 | + tclass = next_token(TS_OPSEQ | TC_LBRACE | TC_BEGIN | TC_END | TC_FUNCDECL | ||
1633 | + | TC_EOF | TC_NEWLINE /* but not TC_SEMICOL */); | ||
1634 | + got_tok: | ||
1635 | + if (tclass == TC_EOF) { | ||
1636 | + debug_printf_parse("%s: TC_EOF\n", __func__); | ||
1637 | + break; | ||
1638 | + } | ||
1639 | + if (tclass == TC_NEWLINE) { | ||
1640 | + debug_printf_parse("%s: TC_NEWLINE\n", __func__); | ||
1641 | continue; | ||
1642 | } | ||
1643 | - | ||
1644 | - seq = &mainseq; | ||
1645 | - if (tclass & TC_BEGIN) { | ||
1646 | + if (tclass == TC_BEGIN) { | ||
1647 | debug_printf_parse("%s: TC_BEGIN\n", __func__); | ||
1648 | seq = &beginseq; | ||
1649 | - chain_group(); | ||
1650 | - } else if (tclass & TC_END) { | ||
1651 | + /* ensure there is no newline between BEGIN and { */ | ||
1652 | + next_token(TC_LBRACE); | ||
1653 | + chain_until_rbrace(); | ||
1654 | + goto next_tok; | ||
1655 | + } | ||
1656 | + if (tclass == TC_END) { | ||
1657 | debug_printf_parse("%s: TC_END\n", __func__); | ||
1658 | seq = &endseq; | ||
1659 | - chain_group(); | ||
1660 | - } else if (tclass & TC_FUNCDECL) { | ||
1661 | + /* ensure there is no newline between END and { */ | ||
1662 | + next_token(TC_LBRACE); | ||
1663 | + chain_until_rbrace(); | ||
1664 | + goto next_tok; | ||
1665 | + } | ||
1666 | + if (tclass == TC_FUNCDECL) { | ||
1667 | + func *f; | ||
1668 | + | ||
1669 | debug_printf_parse("%s: TC_FUNCDECL\n", __func__); | ||
1670 | next_token(TC_FUNCTION); | ||
1671 | - g_pos++; | ||
1672 | f = newfunc(t_string); | ||
1673 | - f->body.first = NULL; | ||
1674 | - f->nargs = 0; | ||
1675 | - /* Match func arg list: a comma sep list of >= 0 args, and a close paren */ | ||
1676 | - while (next_token(TC_VARIABLE | TC_SEQTERM | TC_COMMA)) { | ||
1677 | - /* Either an empty arg list, or trailing comma from prev iter | ||
1678 | - * must be followed by an arg */ | ||
1679 | - if (f->nargs == 0 && t_tclass == TC_SEQTERM) | ||
1680 | - break; | ||
1681 | - | ||
1682 | - /* TC_SEQSTART/TC_COMMA must be followed by TC_VARIABLE */ | ||
1683 | - if (t_tclass != TC_VARIABLE) | ||
1684 | + if (f->defined) | ||
1685 | + syntax_error("Duplicate function"); | ||
1686 | + f->defined = 1; | ||
1687 | + //f->body.first = NULL; - already is | ||
1688 | + //f->nargs = 0; - already is | ||
1689 | + /* func arg list: comma sep list of args, and a close paren */ | ||
1690 | + for (;;) { | ||
1691 | + var *v; | ||
1692 | + if (next_token(TC_VARIABLE | TC_RPAREN) == TC_RPAREN) { | ||
1693 | + if (f->nargs == 0) | ||
1694 | + break; /* func() is ok */ | ||
1695 | + /* func(a,) is not ok */ | ||
1696 | syntax_error(EMSG_UNEXP_TOKEN); | ||
1697 | - | ||
1698 | + } | ||
1699 | v = findvar(ahash, t_string); | ||
1700 | v->x.aidx = f->nargs++; | ||
1701 | - | ||
1702 | /* Arg followed either by end of arg list or 1 comma */ | ||
1703 | - if (next_token(TC_COMMA | TC_SEQTERM) & TC_SEQTERM) | ||
1704 | + if (next_token(TC_COMMA | TC_RPAREN) == TC_RPAREN) | ||
1705 | break; | ||
1706 | - if (t_tclass != TC_COMMA) | ||
1707 | - syntax_error(EMSG_UNEXP_TOKEN); | ||
1708 | + /* it was a comma, we ate it */ | ||
1709 | } | ||
1710 | seq = &f->body; | ||
1711 | - chain_group(); | ||
1712 | - clear_array(ahash); | ||
1713 | - } else if (tclass & TC_OPSEQ) { | ||
1714 | - debug_printf_parse("%s: TC_OPSEQ\n", __func__); | ||
1715 | + /* ensure there is { after "func F(...)" - but newlines are allowed */ | ||
1716 | + while (next_token(TC_LBRACE | TC_NEWLINE) == TC_NEWLINE) | ||
1717 | + continue; | ||
1718 | + chain_until_rbrace(); | ||
1719 | + hash_clear(ahash); | ||
1720 | + goto next_tok; | ||
1721 | + } | ||
1722 | + seq = &mainseq; | ||
1723 | + if (tclass & TS_OPSEQ) { | ||
1724 | + node *cn; | ||
1725 | + | ||
1726 | + debug_printf_parse("%s: TS_OPSEQ\n", __func__); | ||
1727 | rollback_token(); | ||
1728 | cn = chain_node(OC_TEST); | ||
1729 | - cn->l.n = parse_expr(TC_OPTERM | TC_EOF | TC_GRPSTART); | ||
1730 | - if (t_tclass & TC_GRPSTART) { | ||
1731 | - debug_printf_parse("%s: TC_GRPSTART\n", __func__); | ||
1732 | - rollback_token(); | ||
1733 | - chain_group(); | ||
1734 | + cn->l.n = parse_expr(TC_SEMICOL | TC_NEWLINE | TC_EOF | TC_LBRACE); | ||
1735 | + if (t_tclass == TC_LBRACE) { | ||
1736 | + debug_printf_parse("%s: TC_LBRACE\n", __func__); | ||
1737 | + chain_until_rbrace(); | ||
1738 | } else { | ||
1739 | - debug_printf_parse("%s: !TC_GRPSTART\n", __func__); | ||
1740 | + /* no action, assume default "{ print }" */ | ||
1741 | + debug_printf_parse("%s: !TC_LBRACE\n", __func__); | ||
1742 | chain_node(OC_PRINT); | ||
1743 | } | ||
1744 | cn->r.n = mainseq.last; | ||
1745 | - } else /* if (tclass & TC_GRPSTART) */ { | ||
1746 | - debug_printf_parse("%s: TC_GRPSTART(?)\n", __func__); | ||
1747 | - rollback_token(); | ||
1748 | - chain_group(); | ||
1749 | + goto next_tok; | ||
1750 | } | ||
1751 | - } | ||
1752 | - debug_printf_parse("%s: TC_EOF\n", __func__); | ||
1753 | + /* tclass == TC_LBRACE */ | ||
1754 | + debug_printf_parse("%s: TC_LBRACE(?)\n", __func__); | ||
1755 | + chain_until_rbrace(); | ||
1756 | + next_tok: | ||
1757 | + /* Same as next_token() at the top of the loop, + TC_SEMICOL */ | ||
1758 | + tclass = next_token(TS_OPSEQ | TC_LBRACE | TC_BEGIN | TC_END | TC_FUNCDECL | ||
1759 | + | TC_EOF | TC_NEWLINE | TC_SEMICOL); | ||
1760 | + /* gawk allows many newlines, but does not allow more than one semicolon: | ||
1761 | + * BEGIN {...}<newline>;<newline>; | ||
1762 | + * would complain "each rule must have a pattern or an action part". | ||
1763 | + * Same message for | ||
1764 | + * ; BEGIN {...} | ||
1765 | + */ | ||
1766 | + if (tclass != TC_SEMICOL) | ||
1767 | + goto got_tok; /* use this token */ | ||
1768 | + /* else: loop back - ate the semicolon, get and use _next_ token */ | ||
1769 | + } /* for (;;) */ | ||
1770 | } | ||
1771 | |||
1772 | - | ||
1773 | /* -------- program execution part -------- */ | ||
1774 | |||
1775 | +/* temporary variables allocator */ | ||
1776 | +static var *nvalloc(int sz) | ||
1777 | +{ | ||
1778 | + return xzalloc(sz * sizeof(var)); | ||
1779 | +} | ||
1780 | + | ||
1781 | +static void nvfree(var *v, int sz) | ||
1782 | +{ | ||
1783 | + var *p = v; | ||
1784 | + | ||
1785 | + while (--sz >= 0) { | ||
1786 | + if ((p->type & (VF_ARRAY | VF_CHILD)) == VF_ARRAY) { | ||
1787 | + clear_array(iamarray(p)); | ||
1788 | + free(p->x.array->items); | ||
1789 | + free(p->x.array); | ||
1790 | + } | ||
1791 | + if (p->type & VF_WALK) { | ||
1792 | + walker_list *n; | ||
1793 | + walker_list *w = p->x.walker; | ||
1794 | + debug_printf_walker("nvfree: freeing walker @%p\n", &p->x.walker); | ||
1795 | + p->x.walker = NULL; | ||
1796 | + while (w) { | ||
1797 | + n = w->prev; | ||
1798 | + debug_printf_walker(" free(%p)\n", w); | ||
1799 | + free(w); | ||
1800 | + w = n; | ||
1801 | + } | ||
1802 | + } | ||
1803 | + clrvar(p); | ||
1804 | + p++; | ||
1805 | + } | ||
1806 | + | ||
1807 | + free(v); | ||
1808 | +} | ||
1809 | + | ||
1810 | static node *mk_splitter(const char *s, tsplitter *spl) | ||
1811 | { | ||
1812 | regex_t *re, *ire; | ||
1813 | @@ -1686,7 +1848,7 @@ static node *mk_splitter(const char *s, tsplitter *spl) | ||
1814 | re = &spl->re[0]; | ||
1815 | ire = &spl->re[1]; | ||
1816 | n = &spl->n; | ||
1817 | - if ((n->info & OPCLSMASK) == OC_REGEXP) { | ||
1818 | + if (n->info == TI_REGEXP) { | ||
1819 | regfree(re); | ||
1820 | regfree(ire); // TODO: nuke ire, use re+1? | ||
1821 | } | ||
1822 | @@ -1699,21 +1861,28 @@ static node *mk_splitter(const char *s, tsplitter *spl) | ||
1823 | return n; | ||
1824 | } | ||
1825 | |||
1826 | -/* use node as a regular expression. Supplied with node ptr and regex_t | ||
1827 | +static var *evaluate(node *, var *); | ||
1828 | + | ||
1829 | +/* Use node as a regular expression. Supplied with node ptr and regex_t | ||
1830 | * storage space. Return ptr to regex (if result points to preg, it should | ||
1831 | - * be later regfree'd manually | ||
1832 | + * be later regfree'd manually). | ||
1833 | */ | ||
1834 | static regex_t *as_regex(node *op, regex_t *preg) | ||
1835 | { | ||
1836 | int cflags; | ||
1837 | - var *v; | ||
1838 | const char *s; | ||
1839 | |||
1840 | - if ((op->info & OPCLSMASK) == OC_REGEXP) { | ||
1841 | + if (op->info == TI_REGEXP) { | ||
1842 | return icase ? op->r.ire : op->l.re; | ||
1843 | } | ||
1844 | - v = nvalloc(1); | ||
1845 | - s = getvar_s(evaluate(op, v)); | ||
1846 | + | ||
1847 | + //tmpvar = nvalloc(1); | ||
1848 | +#define TMPVAR (&G.as_regex__tmpvar) | ||
1849 | + // We use a single "static" tmpvar (instead of on-stack or malloced one) | ||
1850 | + // to decrease memory consumption in deeply-recursive awk programs. | ||
1851 | + // The rule to work safely is to never call evaluate() while our static | ||
1852 | + // TMPVAR's value is still needed. | ||
1853 | + s = getvar_s(evaluate(op, TMPVAR)); | ||
1854 | |||
1855 | cflags = icase ? REG_EXTENDED | REG_ICASE : REG_EXTENDED; | ||
1856 | /* Testcase where REG_EXTENDED fails (unpaired '{'): | ||
1857 | @@ -1725,7 +1894,8 @@ static regex_t *as_regex(node *op, regex_t *preg) | ||
1858 | cflags &= ~REG_EXTENDED; | ||
1859 | xregcomp(preg, s, cflags); | ||
1860 | } | ||
1861 | - nvfree(v); | ||
1862 | + //nvfree(tmpvar, 1); | ||
1863 | +#undef TMPVAR | ||
1864 | return preg; | ||
1865 | } | ||
1866 | |||
1867 | @@ -1745,12 +1915,22 @@ static char* qrealloc(char *b, int n, int *size) | ||
1868 | /* resize field storage space */ | ||
1869 | static void fsrealloc(int size) | ||
1870 | { | ||
1871 | - int i; | ||
1872 | + int i, newsize; | ||
1873 | |||
1874 | if (size >= maxfields) { | ||
1875 | + /* Sanity cap, easier than catering for overflows */ | ||
1876 | + if (size > 0xffffff) | ||
1877 | + bb_die_memory_exhausted(); | ||
1878 | + | ||
1879 | i = maxfields; | ||
1880 | maxfields = size + 16; | ||
1881 | - Fields = xrealloc(Fields, maxfields * sizeof(Fields[0])); | ||
1882 | + | ||
1883 | + newsize = maxfields * sizeof(Fields[0]); | ||
1884 | + debug_printf_eval("fsrealloc: xrealloc(%p, %u)\n", Fields, newsize); | ||
1885 | + Fields = xrealloc(Fields, newsize); | ||
1886 | + debug_printf_eval("fsrealloc: Fields=%p..%p\n", Fields, (char*)Fields + newsize - 1); | ||
1887 | + /* ^^^ did Fields[] move? debug aid for L.v getting "upstaged" by R.v in evaluate() */ | ||
1888 | + | ||
1889 | for (; i < maxfields; i++) { | ||
1890 | Fields[i].type = VF_SPECIAL; | ||
1891 | Fields[i].string = NULL; | ||
1892 | @@ -1802,13 +1982,13 @@ static int awk_split(const char *s, node *spl, char **slist) | ||
1893 | c[2] = '\n'; | ||
1894 | |||
1895 | n = 0; | ||
1896 | - if ((spl->info & OPCLSMASK) == OC_REGEXP) { /* regex split */ | ||
1897 | + if (spl->info == TI_REGEXP) { /* regex split */ | ||
1898 | if (!*s) | ||
1899 | return n; /* "": zero fields */ | ||
1900 | n++; /* at least one field will be there */ | ||
1901 | do { | ||
1902 | int l; | ||
1903 | - regmatch_t pmatch[2]; // TODO: why [2]? [1] is enough... | ||
1904 | + regmatch_t pmatch[1]; | ||
1905 | |||
1906 | l = strcspn(s, c+2); /* len till next NUL or \n */ | ||
1907 | if (regexec1_nonempty(icase ? spl->r.ire : spl->l.re, s, pmatch) == 0 | ||
1908 | @@ -1969,7 +2149,7 @@ static node *nextarg(node **pn) | ||
1909 | node *n; | ||
1910 | |||
1911 | n = *pn; | ||
1912 | - if (n && (n->info & OPCLSMASK) == OC_COMMA) { | ||
1913 | + if (n && n->info == TI_COMMA) { | ||
1914 | *pn = n->r.n; | ||
1915 | n = n->l.n; | ||
1916 | } else { | ||
1917 | @@ -2000,8 +2180,7 @@ static void hashwalk_init(var *v, xhash *array) | ||
1918 | for (i = 0; i < array->csize; i++) { | ||
1919 | hi = array->items[i]; | ||
1920 | while (hi) { | ||
1921 | - strcpy(w->end, hi->name); | ||
1922 | - nextword(&w->end); | ||
1923 | + w->end = stpcpy(w->end, hi->name) + 1; | ||
1924 | hi = hi->next; | ||
1925 | } | ||
1926 | } | ||
1927 | @@ -2027,15 +2206,18 @@ static int hashwalk_next(var *v) | ||
1928 | /* evaluate node, return 1 when result is true, 0 otherwise */ | ||
1929 | static int ptest(node *pattern) | ||
1930 | { | ||
1931 | - /* ptest__v is "static": to save stack space? */ | ||
1932 | - return istrue(evaluate(pattern, &G.ptest__v)); | ||
1933 | + // We use a single "static" tmpvar (instead of on-stack or malloced one) | ||
1934 | + // to decrease memory consumption in deeply-recursive awk programs. | ||
1935 | + // The rule to work safely is to never call evaluate() while our static | ||
1936 | + // TMPVAR's value is still needed. | ||
1937 | + return istrue(evaluate(pattern, &G.ptest__tmpvar)); | ||
1938 | } | ||
1939 | |||
1940 | /* read next record from stream rsm into a variable v */ | ||
1941 | static int awk_getline(rstream *rsm, var *v) | ||
1942 | { | ||
1943 | char *b; | ||
1944 | - regmatch_t pmatch[2]; // TODO: why [2]? [1] is enough... | ||
1945 | + regmatch_t pmatch[1]; | ||
1946 | int size, a, p, pp = 0; | ||
1947 | int fd, so, eo, r, rp; | ||
1948 | char c, *m, *s; | ||
1949 | @@ -2061,7 +2243,7 @@ static int awk_getline(rstream *rsm, var *v) | ||
1950 | so = eo = p; | ||
1951 | r = 1; | ||
1952 | if (p > 0) { | ||
1953 | - if ((rsplitter.n.info & OPCLSMASK) == OC_REGEXP) { | ||
1954 | + if (rsplitter.n.info == TI_REGEXP) { | ||
1955 | if (regexec(icase ? rsplitter.n.r.ire : rsplitter.n.l.re, | ||
1956 | b, 1, pmatch, 0) == 0) { | ||
1957 | so = pmatch[0].rm_so; | ||
1958 | @@ -2133,82 +2315,126 @@ static int awk_getline(rstream *rsm, var *v) | ||
1959 | return r; | ||
1960 | } | ||
1961 | |||
1962 | -static int fmt_num(char *b, int size, const char *format, double n, int int_as_int) | ||
1963 | -{ | ||
1964 | - int r = 0; | ||
1965 | - char c; | ||
1966 | - const char *s = format; | ||
1967 | - | ||
1968 | - if (int_as_int && n == (long long)n) { | ||
1969 | - r = snprintf(b, size, "%lld", (long long)n); | ||
1970 | - } else { | ||
1971 | - do { c = *s; } while (c && *++s); | ||
1972 | - if (strchr("diouxX", c)) { | ||
1973 | - r = snprintf(b, size, format, (int)n); | ||
1974 | - } else if (strchr("eEfgG", c)) { | ||
1975 | - r = snprintf(b, size, format, n); | ||
1976 | - } else { | ||
1977 | - syntax_error(EMSG_INV_FMT); | ||
1978 | - } | ||
1979 | - } | ||
1980 | - return r; | ||
1981 | -} | ||
1982 | - | ||
1983 | /* formatted output into an allocated buffer, return ptr to buffer */ | ||
1984 | -static char *awk_printf(node *n) | ||
1985 | +#if !ENABLE_FEATURE_AWK_GNU_EXTENSIONS | ||
1986 | +# define awk_printf(a, b) awk_printf(a) | ||
1987 | +#endif | ||
1988 | +static char *awk_printf(node *n, size_t *len) | ||
1989 | { | ||
1990 | - char *b = NULL; | ||
1991 | - char *fmt, *s, *f; | ||
1992 | - const char *s1; | ||
1993 | - int i, j, incr, bsize; | ||
1994 | - char c, c1; | ||
1995 | - var *v, *arg; | ||
1996 | - | ||
1997 | - v = nvalloc(1); | ||
1998 | - fmt = f = xstrdup(getvar_s(evaluate(nextarg(&n), v))); | ||
1999 | - | ||
2000 | + char *b; | ||
2001 | + char *fmt, *f; | ||
2002 | + size_t i; | ||
2003 | + | ||
2004 | + //tmpvar = nvalloc(1); | ||
2005 | +#define TMPVAR (&G.awk_printf__tmpvar) | ||
2006 | + // We use a single "static" tmpvar (instead of on-stack or malloced one) | ||
2007 | + // to decrease memory consumption in deeply-recursive awk programs. | ||
2008 | + // The rule to work safely is to never call evaluate() while our static | ||
2009 | + // TMPVAR's value is still needed. | ||
2010 | + fmt = f = xstrdup(getvar_s(evaluate(nextarg(&n), TMPVAR))); | ||
2011 | + // ^^^^^^^^^ here we immediately strdup() the value, so the later call | ||
2012 | + // to evaluate() potentially recursing into another awk_printf() can't | ||
2013 | + // mangle the value. | ||
2014 | + | ||
2015 | + b = NULL; | ||
2016 | i = 0; | ||
2017 | - while (*f) { | ||
2018 | + while (1) { /* "print one format spec" loop */ | ||
2019 | + char *s; | ||
2020 | + char c; | ||
2021 | + char sv; | ||
2022 | + var *arg; | ||
2023 | + size_t slen; | ||
2024 | + | ||
2025 | + /* Find end of the next format spec, or end of line */ | ||
2026 | s = f; | ||
2027 | - while (*f && (*f != '%' || *++f == '%')) | ||
2028 | - f++; | ||
2029 | - while (*f && !isalpha(*f)) { | ||
2030 | - if (*f == '*') | ||
2031 | - syntax_error("%*x formats are not supported"); | ||
2032 | + while (1) { | ||
2033 | + c = *f; | ||
2034 | + if (!c) /* no percent chars found at all */ | ||
2035 | + goto nul; | ||
2036 | f++; | ||
2037 | + if (c == '%') | ||
2038 | + break; | ||
2039 | } | ||
2040 | - | ||
2041 | - incr = (f - s) + MAXVARFMT; | ||
2042 | - b = qrealloc(b, incr + i, &bsize); | ||
2043 | + /* we are past % in "....%..." */ | ||
2044 | c = *f; | ||
2045 | - if (c != '\0') | ||
2046 | + if (!c) /* "....%" */ | ||
2047 | + goto nul; | ||
2048 | + if (c == '%') { /* "....%%...." */ | ||
2049 | + slen = f - s; | ||
2050 | + s = xstrndup(s, slen); | ||
2051 | f++; | ||
2052 | - c1 = *f; | ||
2053 | + goto append; /* print "....%" part verbatim */ | ||
2054 | + } | ||
2055 | + while (1) { | ||
2056 | + if (isalpha(c)) | ||
2057 | + break; | ||
2058 | + if (c == '*') | ||
2059 | + syntax_error("%*x formats are not supported"); | ||
2060 | + c = *++f; | ||
2061 | + if (!c) { /* "....%...." and no letter found after % */ | ||
2062 | + /* Example: awk 'BEGIN { printf "^^^%^^^\n"; }' */ | ||
2063 | + nul: | ||
2064 | + slen = f - s; | ||
2065 | + goto tail; /* print remaining string, exit loop */ | ||
2066 | + } | ||
2067 | + } | ||
2068 | + /* we are at A in "....%...A..." */ | ||
2069 | + | ||
2070 | + arg = evaluate(nextarg(&n), TMPVAR); | ||
2071 | + | ||
2072 | + /* Result can be arbitrarily long. Example: | ||
2073 | + * printf "%99999s", "BOOM" | ||
2074 | + */ | ||
2075 | + sv = *++f; | ||
2076 | *f = '\0'; | ||
2077 | - arg = evaluate(nextarg(&n), v); | ||
2078 | - | ||
2079 | - j = i; | ||
2080 | - if (c == 'c' || !c) { | ||
2081 | - i += sprintf(b+i, s, is_numeric(arg) ? | ||
2082 | - (char)getvar_i(arg) : *getvar_s(arg)); | ||
2083 | - } else if (c == 's') { | ||
2084 | - s1 = getvar_s(arg); | ||
2085 | - b = qrealloc(b, incr+i+strlen(s1), &bsize); | ||
2086 | - i += sprintf(b+i, s, s1); | ||
2087 | + if (c == 'c') { | ||
2088 | + char cc = is_numeric(arg) ? getvar_i(arg) : *getvar_s(arg); | ||
2089 | + char *r = xasprintf(s, cc ? cc : '^' /* else strlen will be wrong */); | ||
2090 | + slen = strlen(r); | ||
2091 | + if (cc == '\0') /* if cc is NUL, re-format the string with it */ | ||
2092 | + sprintf(r, s, cc); | ||
2093 | + s = r; | ||
2094 | } else { | ||
2095 | - i += fmt_num(b+i, incr, s, getvar_i(arg), FALSE); | ||
2096 | + if (c == 's') { | ||
2097 | + s = xasprintf(s, getvar_s(arg)); | ||
2098 | + } else { | ||
2099 | + double d = getvar_i(arg); | ||
2100 | + if (strchr("diouxX", c)) { | ||
2101 | +//TODO: make it wider here (%x -> %llx etc)? | ||
2102 | + s = xasprintf(s, (int)d); | ||
2103 | + } else if (strchr("eEfFgGaA", c)) { | ||
2104 | + s = xasprintf(s, d); | ||
2105 | + } else { | ||
2106 | +//TODO: GNU Awk 5.0.1: printf "%W" prints "%W", does not error out | ||
2107 | + syntax_error(EMSG_INV_FMT); | ||
2108 | + } | ||
2109 | + } | ||
2110 | + slen = strlen(s); | ||
2111 | } | ||
2112 | - *f = c1; | ||
2113 | - | ||
2114 | - /* if there was an error while sprintf, return value is negative */ | ||
2115 | - if (i < j) | ||
2116 | - i = j; | ||
2117 | + *f = sv; | ||
2118 | + append: | ||
2119 | + if (i == 0) { | ||
2120 | + b = s; | ||
2121 | + i = slen; | ||
2122 | + continue; | ||
2123 | + } | ||
2124 | + tail: | ||
2125 | + b = xrealloc(b, i + slen + 1); | ||
2126 | + strcpy(b + i, s); | ||
2127 | + i += slen; | ||
2128 | + if (!c) /* s is NOT allocated and this is the last part of string? */ | ||
2129 | + break; | ||
2130 | + free(s); | ||
2131 | } | ||
2132 | |||
2133 | free(fmt); | ||
2134 | - nvfree(v); | ||
2135 | - b = xrealloc(b, i + 1); | ||
2136 | - b[i] = '\0'; | ||
2137 | + //nvfree(tmpvar, 1); | ||
2138 | +#undef TMPVAR | ||
2139 | + | ||
2140 | +#if ENABLE_FEATURE_AWK_GNU_EXTENSIONS | ||
2141 | + if (len) | ||
2142 | + *len = i; | ||
2143 | +#endif | ||
2144 | return b; | ||
2145 | } | ||
2146 | |||
2147 | @@ -2338,33 +2564,59 @@ static NOINLINE int do_mktime(const char *ds) | ||
2148 | return mktime(&then); | ||
2149 | } | ||
2150 | |||
2151 | +/* Reduce stack usage in exec_builtin() by keeping match() code separate */ | ||
2152 | +static NOINLINE var *do_match(node *an1, const char *as0) | ||
2153 | +{ | ||
2154 | + regmatch_t pmatch[1]; | ||
2155 | + regex_t sreg, *re; | ||
2156 | + int n, start, len; | ||
2157 | + | ||
2158 | + re = as_regex(an1, &sreg); | ||
2159 | + n = regexec(re, as0, 1, pmatch, 0); | ||
2160 | + if (re == &sreg) | ||
2161 | + regfree(re); | ||
2162 | + start = 0; | ||
2163 | + len = -1; | ||
2164 | + if (n == 0) { | ||
2165 | + start = pmatch[0].rm_so + 1; | ||
2166 | + len = pmatch[0].rm_eo - pmatch[0].rm_so; | ||
2167 | + } | ||
2168 | + setvar_i(newvar("RLENGTH"), len); | ||
2169 | + return setvar_i(newvar("RSTART"), start); | ||
2170 | +} | ||
2171 | + | ||
2172 | +/* Reduce stack usage in evaluate() by keeping builtins' code separate */ | ||
2173 | static NOINLINE var *exec_builtin(node *op, var *res) | ||
2174 | { | ||
2175 | #define tspl (G.exec_builtin__tspl) | ||
2176 | |||
2177 | - var *tv; | ||
2178 | + var *tmpvars; | ||
2179 | node *an[4]; | ||
2180 | var *av[4]; | ||
2181 | const char *as[4]; | ||
2182 | - regmatch_t pmatch[2]; | ||
2183 | - regex_t sreg, *re; | ||
2184 | node *spl; | ||
2185 | uint32_t isr, info; | ||
2186 | int nargs; | ||
2187 | time_t tt; | ||
2188 | int i, l, ll, n; | ||
2189 | |||
2190 | - tv = nvalloc(4); | ||
2191 | + tmpvars = nvalloc(4); | ||
2192 | +#define TMPVAR0 (tmpvars) | ||
2193 | +#define TMPVAR1 (tmpvars + 1) | ||
2194 | +#define TMPVAR2 (tmpvars + 2) | ||
2195 | +#define TMPVAR3 (tmpvars + 3) | ||
2196 | +#define TMPVAR(i) (tmpvars + (i)) | ||
2197 | isr = info = op->info; | ||
2198 | op = op->l.n; | ||
2199 | |||
2200 | av[2] = av[3] = NULL; | ||
2201 | for (i = 0; i < 4 && op; i++) { | ||
2202 | an[i] = nextarg(&op); | ||
2203 | - if (isr & 0x09000000) | ||
2204 | - av[i] = evaluate(an[i], &tv[i]); | ||
2205 | - if (isr & 0x08000000) | ||
2206 | - as[i] = getvar_s(av[i]); | ||
2207 | + if (isr & 0x09000000) { | ||
2208 | + av[i] = evaluate(an[i], TMPVAR(i)); | ||
2209 | + if (isr & 0x08000000) | ||
2210 | + as[i] = getvar_s(av[i]); | ||
2211 | + } | ||
2212 | isr >>= 1; | ||
2213 | } | ||
2214 | |||
2215 | @@ -2386,8 +2638,8 @@ static NOINLINE var *exec_builtin(node *op, var *res) | ||
2216 | char *s, *s1; | ||
2217 | |||
2218 | if (nargs > 2) { | ||
2219 | - spl = (an[2]->info & OPCLSMASK) == OC_REGEXP ? | ||
2220 | - an[2] : mk_splitter(getvar_s(evaluate(an[2], &tv[2])), &tspl); | ||
2221 | + spl = (an[2]->info == TI_REGEXP) ? an[2] | ||
2222 | + : mk_splitter(getvar_s(evaluate(an[2], TMPVAR2)), &tspl); | ||
2223 | } else { | ||
2224 | spl = &fsplitter.n; | ||
2225 | } | ||
2226 | @@ -2501,20 +2753,7 @@ static NOINLINE var *exec_builtin(node *op, var *res) | ||
2227 | break; | ||
2228 | |||
2229 | case B_ma: | ||
2230 | - re = as_regex(an[1], &sreg); | ||
2231 | - n = regexec(re, as[0], 1, pmatch, 0); | ||
2232 | - if (n == 0) { | ||
2233 | - pmatch[0].rm_so++; | ||
2234 | - pmatch[0].rm_eo++; | ||
2235 | - } else { | ||
2236 | - pmatch[0].rm_so = 0; | ||
2237 | - pmatch[0].rm_eo = -1; | ||
2238 | - } | ||
2239 | - setvar_i(newvar("RSTART"), pmatch[0].rm_so); | ||
2240 | - setvar_i(newvar("RLENGTH"), pmatch[0].rm_eo - pmatch[0].rm_so); | ||
2241 | - setvar_i(res, pmatch[0].rm_so); | ||
2242 | - if (re == &sreg) | ||
2243 | - regfree(re); | ||
2244 | + res = do_match(an[1], as[0]); | ||
2245 | break; | ||
2246 | |||
2247 | case B_ge: | ||
2248 | @@ -2530,14 +2769,79 @@ static NOINLINE var *exec_builtin(node *op, var *res) | ||
2249 | break; | ||
2250 | } | ||
2251 | |||
2252 | - nvfree(tv); | ||
2253 | + nvfree(tmpvars, 4); | ||
2254 | +#undef TMPVAR0 | ||
2255 | +#undef TMPVAR1 | ||
2256 | +#undef TMPVAR2 | ||
2257 | +#undef TMPVAR3 | ||
2258 | +#undef TMPVAR | ||
2259 | + | ||
2260 | return res; | ||
2261 | #undef tspl | ||
2262 | } | ||
2263 | |||
2264 | +/* if expr looks like "var=value", perform assignment and return 1, | ||
2265 | + * otherwise return 0 */ | ||
2266 | +static int is_assignment(const char *expr) | ||
2267 | +{ | ||
2268 | + char *exprc, *val; | ||
2269 | + | ||
2270 | + val = (char*)endofname(expr); | ||
2271 | + if (val == (char*)expr || *val != '=') { | ||
2272 | + return FALSE; | ||
2273 | + } | ||
2274 | + | ||
2275 | + exprc = xstrdup(expr); | ||
2276 | + val = exprc + (val - expr); | ||
2277 | + *val++ = '\0'; | ||
2278 | + | ||
2279 | + unescape_string_in_place(val); | ||
2280 | + setvar_u(newvar(exprc), val); | ||
2281 | + free(exprc); | ||
2282 | + return TRUE; | ||
2283 | +} | ||
2284 | + | ||
2285 | +/* switch to next input file */ | ||
2286 | +static rstream *next_input_file(void) | ||
2287 | +{ | ||
2288 | +#define rsm (G.next_input_file__rsm) | ||
2289 | +#define files_happen (G.next_input_file__files_happen) | ||
2290 | + | ||
2291 | + const char *fname, *ind; | ||
2292 | + | ||
2293 | + if (rsm.F) | ||
2294 | + fclose(rsm.F); | ||
2295 | + rsm.F = NULL; | ||
2296 | + rsm.pos = rsm.adv = 0; | ||
2297 | + | ||
2298 | + for (;;) { | ||
2299 | + if (getvar_i(intvar[ARGIND])+1 >= getvar_i(intvar[ARGC])) { | ||
2300 | + if (files_happen) | ||
2301 | + return NULL; | ||
2302 | + fname = "-"; | ||
2303 | + rsm.F = stdin; | ||
2304 | + break; | ||
2305 | + } | ||
2306 | + ind = getvar_s(incvar(intvar[ARGIND])); | ||
2307 | + fname = getvar_s(findvar(iamarray(intvar[ARGV]), ind)); | ||
2308 | + if (fname && *fname && !is_assignment(fname)) { | ||
2309 | + rsm.F = xfopen_stdin(fname); | ||
2310 | + break; | ||
2311 | + } | ||
2312 | + } | ||
2313 | + | ||
2314 | + files_happen = TRUE; | ||
2315 | + setvar_s(intvar[FILENAME], fname); | ||
2316 | + return &rsm; | ||
2317 | +#undef rsm | ||
2318 | +#undef files_happen | ||
2319 | +} | ||
2320 | + | ||
2321 | /* | ||
2322 | * Evaluate node - the heart of the program. Supplied with subtree | ||
2323 | - * and place where to store result. returns ptr to result. | ||
2324 | + * and "res" variable to assign the result to if we evaluate an expression. | ||
2325 | + * If node refers to e.g. a variable or a field, no assignment happens. | ||
2326 | + * Return ptr to the result (which may or may not be the "res" variable!) | ||
2327 | */ | ||
2328 | #define XC(n) ((n) >> 8) | ||
2329 | |||
2330 | @@ -2549,14 +2853,16 @@ static var *evaluate(node *op, var *res) | ||
2331 | #define seed (G.evaluate__seed) | ||
2332 | #define sreg (G.evaluate__sreg) | ||
2333 | |||
2334 | - var *v1; | ||
2335 | + var *tmpvars; | ||
2336 | |||
2337 | if (!op) | ||
2338 | return setvar_s(res, NULL); | ||
2339 | |||
2340 | debug_printf_eval("entered %s()\n", __func__); | ||
2341 | |||
2342 | - v1 = nvalloc(2); | ||
2343 | + tmpvars = nvalloc(2); | ||
2344 | +#define TMPVAR0 (tmpvars) | ||
2345 | +#define TMPVAR1 (tmpvars + 1) | ||
2346 | |||
2347 | while (op) { | ||
2348 | struct { | ||
2349 | @@ -2578,48 +2884,35 @@ static var *evaluate(node *op, var *res) | ||
2350 | op1 = op->l.n; | ||
2351 | debug_printf_eval("opinfo:%08x opn:%08x\n", opinfo, opn); | ||
2352 | |||
2353 | - /* "delete" is special: | ||
2354 | - * "delete array[var--]" must evaluate index expr only once, | ||
2355 | - * must not evaluate it in "execute inevitable things" part. | ||
2356 | - */ | ||
2357 | - if (XC(opinfo & OPCLSMASK) == XC(OC_DELETE)) { | ||
2358 | - uint32_t info = op1->info & OPCLSMASK; | ||
2359 | - var *v; | ||
2360 | - | ||
2361 | - debug_printf_eval("DELETE\n"); | ||
2362 | - if (info == OC_VAR) { | ||
2363 | - v = op1->l.v; | ||
2364 | - } else if (info == OC_FNARG) { | ||
2365 | - v = &fnargs[op1->l.aidx]; | ||
2366 | - } else { | ||
2367 | - syntax_error(EMSG_NOT_ARRAY); | ||
2368 | + /* execute inevitable things */ | ||
2369 | + if (opinfo & OF_RES1) { | ||
2370 | + if ((opinfo & OF_REQUIRED) && !op1) | ||
2371 | + syntax_error(EMSG_TOO_FEW_ARGS); | ||
2372 | + L.v = evaluate(op1, TMPVAR0); | ||
2373 | + if (opinfo & OF_STR1) { | ||
2374 | + L.s = getvar_s(L.v); | ||
2375 | + debug_printf_eval("L.s:'%s'\n", L.s); | ||
2376 | } | ||
2377 | - if (op1->r.n) { /* array ref? */ | ||
2378 | - const char *s; | ||
2379 | - s = getvar_s(evaluate(op1->r.n, v1)); | ||
2380 | - hash_remove(iamarray(v), s); | ||
2381 | - } else { | ||
2382 | - clear_array(iamarray(v)); | ||
2383 | + if (opinfo & OF_NUM1) { | ||
2384 | + L_d = getvar_i(L.v); | ||
2385 | + debug_printf_eval("L_d:%f\n", L_d); | ||
2386 | } | ||
2387 | - goto next; | ||
2388 | } | ||
2389 | - | ||
2390 | - /* execute inevitable things */ | ||
2391 | - if (opinfo & OF_RES1) | ||
2392 | - L.v = evaluate(op1, v1); | ||
2393 | - if (opinfo & OF_RES2) | ||
2394 | - R.v = evaluate(op->r.n, v1+1); | ||
2395 | - if (opinfo & OF_STR1) { | ||
2396 | - L.s = getvar_s(L.v); | ||
2397 | - debug_printf_eval("L.s:'%s'\n", L.s); | ||
2398 | - } | ||
2399 | - if (opinfo & OF_STR2) { | ||
2400 | - R.s = getvar_s(R.v); | ||
2401 | - debug_printf_eval("R.s:'%s'\n", R.s); | ||
2402 | - } | ||
2403 | - if (opinfo & OF_NUM1) { | ||
2404 | - L_d = getvar_i(L.v); | ||
2405 | - debug_printf_eval("L_d:%f\n", L_d); | ||
2406 | + /* NB: Must get string/numeric values of L (done above) | ||
2407 | + * _before_ evaluate()'ing R.v: if both L and R are $NNNs, | ||
2408 | + * and right one is large, then L.v points to Fields[NNN1], | ||
2409 | + * second evaluate() reallocates and moves (!) Fields[], | ||
2410 | + * R.v points to Fields[NNN2] but L.v now points to freed mem! | ||
2411 | + * (Seen trying to evaluate "$444 $44444") | ||
2412 | + */ | ||
2413 | + if (opinfo & OF_RES2) { | ||
2414 | + R.v = evaluate(op->r.n, TMPVAR1); | ||
2415 | + //TODO: L.v may be invalid now, set L.v to NULL to catch bugs? | ||
2416 | + //L.v = NULL; | ||
2417 | + if (opinfo & OF_STR2) { | ||
2418 | + R.s = getvar_s(R.v); | ||
2419 | + debug_printf_eval("R.s:'%s'\n", R.s); | ||
2420 | + } | ||
2421 | } | ||
2422 | |||
2423 | debug_printf_eval("switch(0x%x)\n", XC(opinfo & OPCLSMASK)); | ||
2424 | @@ -2629,7 +2922,8 @@ static var *evaluate(node *op, var *res) | ||
2425 | |||
2426 | /* test pattern */ | ||
2427 | case XC( OC_TEST ): | ||
2428 | - if ((op1->info & OPCLSMASK) == OC_COMMA) { | ||
2429 | + debug_printf_eval("TEST\n"); | ||
2430 | + if (op1->info == TI_COMMA) { | ||
2431 | /* it's range pattern */ | ||
2432 | if ((opinfo & OF_CHECKED) || ptest(op1->l.n)) { | ||
2433 | op->info |= OF_CHECKED; | ||
2434 | @@ -2646,25 +2940,32 @@ static var *evaluate(node *op, var *res) | ||
2435 | |||
2436 | /* just evaluate an expression, also used as unconditional jump */ | ||
2437 | case XC( OC_EXEC ): | ||
2438 | + debug_printf_eval("EXEC\n"); | ||
2439 | break; | ||
2440 | |||
2441 | /* branch, used in if-else and various loops */ | ||
2442 | case XC( OC_BR ): | ||
2443 | + debug_printf_eval("BR\n"); | ||
2444 | op = istrue(L.v) ? op->a.n : op->r.n; | ||
2445 | break; | ||
2446 | |||
2447 | /* initialize for-in loop */ | ||
2448 | case XC( OC_WALKINIT ): | ||
2449 | + debug_printf_eval("WALKINIT\n"); | ||
2450 | hashwalk_init(L.v, iamarray(R.v)); | ||
2451 | break; | ||
2452 | |||
2453 | /* get next array item */ | ||
2454 | case XC( OC_WALKNEXT ): | ||
2455 | + debug_printf_eval("WALKNEXT\n"); | ||
2456 | op = hashwalk_next(L.v) ? op->a.n : op->r.n; | ||
2457 | break; | ||
2458 | |||
2459 | case XC( OC_PRINT ): | ||
2460 | - case XC( OC_PRINTF ): { | ||
2461 | + debug_printf_eval("PRINT /\n"); | ||
2462 | + case XC( OC_PRINTF ): | ||
2463 | + debug_printf_eval("PRINTF\n"); | ||
2464 | + { | ||
2465 | FILE *F = stdout; | ||
2466 | |||
2467 | if (op->r.n) { | ||
2468 | @@ -2682,55 +2983,94 @@ static var *evaluate(node *op, var *res) | ||
2469 | F = rsm->F; | ||
2470 | } | ||
2471 | |||
2472 | + /* Can't just check 'opinfo == OC_PRINT' here, parser ORs | ||
2473 | + * additional bits to opinfos of print/printf with redirects | ||
2474 | + */ | ||
2475 | if ((opinfo & OPCLSMASK) == OC_PRINT) { | ||
2476 | if (!op1) { | ||
2477 | fputs(getvar_s(intvar[F0]), F); | ||
2478 | } else { | ||
2479 | - while (op1) { | ||
2480 | - var *v = evaluate(nextarg(&op1), v1); | ||
2481 | + for (;;) { | ||
2482 | + var *v = evaluate(nextarg(&op1), TMPVAR0); | ||
2483 | if (v->type & VF_NUMBER) { | ||
2484 | - fmt_num(g_buf, MAXVARFMT, getvar_s(intvar[OFMT]), | ||
2485 | - getvar_i(v), TRUE); | ||
2486 | + fmt_num(getvar_s(intvar[OFMT]), | ||
2487 | + getvar_i(v)); | ||
2488 | fputs(g_buf, F); | ||
2489 | } else { | ||
2490 | fputs(getvar_s(v), F); | ||
2491 | } | ||
2492 | - | ||
2493 | - if (op1) | ||
2494 | - fputs(getvar_s(intvar[OFS]), F); | ||
2495 | + if (!op1) | ||
2496 | + break; | ||
2497 | + fputs(getvar_s(intvar[OFS]), F); | ||
2498 | } | ||
2499 | } | ||
2500 | fputs(getvar_s(intvar[ORS]), F); | ||
2501 | - | ||
2502 | - } else { /* OC_PRINTF */ | ||
2503 | - char *s = awk_printf(op1); | ||
2504 | + } else { /* PRINTF */ | ||
2505 | + IF_FEATURE_AWK_GNU_EXTENSIONS(size_t len;) | ||
2506 | + char *s = awk_printf(op1, &len); | ||
2507 | +#if ENABLE_FEATURE_AWK_GNU_EXTENSIONS | ||
2508 | + fwrite(s, len, 1, F); | ||
2509 | +#else | ||
2510 | fputs(s, F); | ||
2511 | +#endif | ||
2512 | free(s); | ||
2513 | } | ||
2514 | fflush(F); | ||
2515 | break; | ||
2516 | } | ||
2517 | |||
2518 | - /* case XC( OC_DELETE ): - moved to happen before arg evaluation */ | ||
2519 | + case XC( OC_DELETE ): | ||
2520 | + debug_printf_eval("DELETE\n"); | ||
2521 | + { | ||
2522 | + /* "delete" is special: | ||
2523 | + * "delete array[var--]" must evaluate index expr only once. | ||
2524 | + */ | ||
2525 | + uint32_t info = op1->info & OPCLSMASK; | ||
2526 | + var *v; | ||
2527 | + | ||
2528 | + if (info == OC_VAR) { | ||
2529 | + v = op1->l.v; | ||
2530 | + } else if (info == OC_FNARG) { | ||
2531 | + v = &fnargs[op1->l.aidx]; | ||
2532 | + } else { | ||
2533 | + syntax_error(EMSG_NOT_ARRAY); | ||
2534 | + } | ||
2535 | + if (op1->r.n) { /* array ref? */ | ||
2536 | + const char *s; | ||
2537 | + s = getvar_s(evaluate(op1->r.n, TMPVAR0)); | ||
2538 | + hash_remove(iamarray(v), s); | ||
2539 | + } else { | ||
2540 | + clear_array(iamarray(v)); | ||
2541 | + } | ||
2542 | + break; | ||
2543 | + } | ||
2544 | |||
2545 | case XC( OC_NEWSOURCE ): | ||
2546 | + debug_printf_eval("NEWSOURCE\n"); | ||
2547 | g_progname = op->l.new_progname; | ||
2548 | break; | ||
2549 | |||
2550 | case XC( OC_RETURN ): | ||
2551 | + debug_printf_eval("RETURN\n"); | ||
2552 | copyvar(res, L.v); | ||
2553 | break; | ||
2554 | |||
2555 | case XC( OC_NEXTFILE ): | ||
2556 | + debug_printf_eval("NEXTFILE\n"); | ||
2557 | nextfile = TRUE; | ||
2558 | case XC( OC_NEXT ): | ||
2559 | + debug_printf_eval("NEXT\n"); | ||
2560 | nextrec = TRUE; | ||
2561 | case XC( OC_DONE ): | ||
2562 | + debug_printf_eval("DONE\n"); | ||
2563 | clrvar(res); | ||
2564 | break; | ||
2565 | |||
2566 | case XC( OC_EXIT ): | ||
2567 | - awk_exit(L_d); | ||
2568 | + debug_printf_eval("EXIT\n"); | ||
2569 | + if (op1) | ||
2570 | + G.exitcode = (int)L_d; | ||
2571 | + awk_exit(); | ||
2572 | |||
2573 | /* -- recursive node type -- */ | ||
2574 | |||
2575 | @@ -2749,15 +3089,18 @@ static var *evaluate(node *op, var *res) | ||
2576 | break; | ||
2577 | |||
2578 | case XC( OC_IN ): | ||
2579 | + debug_printf_eval("IN\n"); | ||
2580 | setvar_i(res, hash_search(iamarray(R.v), L.s) ? 1 : 0); | ||
2581 | break; | ||
2582 | |||
2583 | case XC( OC_REGEXP ): | ||
2584 | + debug_printf_eval("REGEXP\n"); | ||
2585 | op1 = op; | ||
2586 | L.s = getvar_s(intvar[F0]); | ||
2587 | goto re_cont; | ||
2588 | |||
2589 | case XC( OC_MATCH ): | ||
2590 | + debug_printf_eval("MATCH\n"); | ||
2591 | op1 = op->r.n; | ||
2592 | re_cont: | ||
2593 | { | ||
2594 | @@ -2772,61 +3115,80 @@ static var *evaluate(node *op, var *res) | ||
2595 | case XC( OC_MOVE ): | ||
2596 | debug_printf_eval("MOVE\n"); | ||
2597 | /* if source is a temporary string, jusk relink it to dest */ | ||
2598 | -//Disabled: if R.v is numeric but happens to have cached R.v->string, | ||
2599 | -//then L.v ends up being a string, which is wrong | ||
2600 | -// if (R.v == v1+1 && R.v->string) { | ||
2601 | -// res = setvar_p(L.v, R.v->string); | ||
2602 | -// R.v->string = NULL; | ||
2603 | -// } else { | ||
2604 | + if (R.v == TMPVAR1 | ||
2605 | + && !(R.v->type & VF_NUMBER) | ||
2606 | + /* Why check !NUMBER? if R.v is a number but has cached R.v->string, | ||
2607 | + * L.v ends up a string, which is wrong */ | ||
2608 | + /*&& R.v->string - always not NULL (right?) */ | ||
2609 | + ) { | ||
2610 | + res = setvar_p(L.v, R.v->string); /* avoids strdup */ | ||
2611 | + R.v->string = NULL; | ||
2612 | + } else { | ||
2613 | res = copyvar(L.v, R.v); | ||
2614 | -// } | ||
2615 | + } | ||
2616 | break; | ||
2617 | |||
2618 | case XC( OC_TERNARY ): | ||
2619 | - if ((op->r.n->info & OPCLSMASK) != OC_COLON) | ||
2620 | + debug_printf_eval("TERNARY\n"); | ||
2621 | + if (op->r.n->info != TI_COLON) | ||
2622 | syntax_error(EMSG_POSSIBLE_ERROR); | ||
2623 | res = evaluate(istrue(L.v) ? op->r.n->l.n : op->r.n->r.n, res); | ||
2624 | break; | ||
2625 | |||
2626 | case XC( OC_FUNC ): { | ||
2627 | - var *vbeg, *v; | ||
2628 | + var *argvars, *sv_fnargs; | ||
2629 | const char *sv_progname; | ||
2630 | + int nargs, i; | ||
2631 | |||
2632 | - /* The body might be empty, still has to eval the args */ | ||
2633 | - if (!op->r.n->info && !op->r.f->body.first) | ||
2634 | + debug_printf_eval("FUNC\n"); | ||
2635 | + | ||
2636 | + if (!op->r.f->defined) | ||
2637 | syntax_error(EMSG_UNDEF_FUNC); | ||
2638 | |||
2639 | - vbeg = v = nvalloc(op->r.f->nargs + 1); | ||
2640 | + /* The body might be empty, still has to eval the args */ | ||
2641 | + nargs = op->r.f->nargs; | ||
2642 | + argvars = nvalloc(nargs); | ||
2643 | + i = 0; | ||
2644 | while (op1) { | ||
2645 | - var *arg = evaluate(nextarg(&op1), v1); | ||
2646 | - copyvar(v, arg); | ||
2647 | - v->type |= VF_CHILD; | ||
2648 | - v->x.parent = arg; | ||
2649 | - if (++v - vbeg >= op->r.f->nargs) | ||
2650 | - break; | ||
2651 | + var *arg = evaluate(nextarg(&op1), TMPVAR0); | ||
2652 | + if (i == nargs) { | ||
2653 | + /* call with more arguments than function takes. | ||
2654 | + * (gawk warns: "warning: function 'f' called with more arguments than declared"). | ||
2655 | + * They are still evaluated, but discarded: */ | ||
2656 | + clrvar(arg); | ||
2657 | + continue; | ||
2658 | + } | ||
2659 | + copyvar(&argvars[i], arg); | ||
2660 | + argvars[i].type |= VF_CHILD; | ||
2661 | + argvars[i].x.parent = arg; | ||
2662 | + i++; | ||
2663 | } | ||
2664 | |||
2665 | - v = fnargs; | ||
2666 | - fnargs = vbeg; | ||
2667 | + sv_fnargs = fnargs; | ||
2668 | sv_progname = g_progname; | ||
2669 | |||
2670 | + fnargs = argvars; | ||
2671 | res = evaluate(op->r.f->body.first, res); | ||
2672 | + nvfree(argvars, nargs); | ||
2673 | |||
2674 | g_progname = sv_progname; | ||
2675 | - nvfree(fnargs); | ||
2676 | - fnargs = v; | ||
2677 | + fnargs = sv_fnargs; | ||
2678 | |||
2679 | break; | ||
2680 | } | ||
2681 | |||
2682 | case XC( OC_GETLINE ): | ||
2683 | - case XC( OC_PGETLINE ): { | ||
2684 | + debug_printf_eval("GETLINE /\n"); | ||
2685 | + case XC( OC_PGETLINE ): | ||
2686 | + debug_printf_eval("PGETLINE\n"); | ||
2687 | + { | ||
2688 | rstream *rsm; | ||
2689 | int i; | ||
2690 | |||
2691 | if (op1) { | ||
2692 | rsm = newfile(L.s); | ||
2693 | if (!rsm->F) { | ||
2694 | + /* NB: can't use "opinfo == TI_PGETLINE", would break "cmd" | getline */ | ||
2695 | if ((opinfo & OPCLSMASK) == OC_PGETLINE) { | ||
2696 | rsm->F = popen(L.s, "r"); | ||
2697 | rsm->is_pipe = TRUE; | ||
2698 | @@ -2861,16 +3223,34 @@ static var *evaluate(node *op, var *res) | ||
2699 | /* simple builtins */ | ||
2700 | case XC( OC_FBLTIN ): { | ||
2701 | double R_d = R_d; /* for compiler */ | ||
2702 | + debug_printf_eval("FBLTIN\n"); | ||
2703 | + | ||
2704 | + if (op1 && op1->info == TI_COMMA) | ||
2705 | + /* Simple builtins take one arg maximum */ | ||
2706 | + syntax_error("Too many arguments"); | ||
2707 | |||
2708 | switch (opn) { | ||
2709 | case F_in: | ||
2710 | R_d = (long long)L_d; | ||
2711 | break; | ||
2712 | |||
2713 | - case F_rn: | ||
2714 | - R_d = (double)rand() / (double)RAND_MAX; | ||
2715 | + case F_rn: /*rand*/ | ||
2716 | + if (op1) | ||
2717 | + syntax_error("Too many arguments"); | ||
2718 | + { | ||
2719 | +#if RAND_MAX >= 0x7fffffff | ||
2720 | + uint32_t u = ((uint32_t)rand() << 16) ^ rand(); | ||
2721 | + uint64_t v = ((uint64_t)rand() << 32) | u; | ||
2722 | + /* the above shift+or is optimized out on 32-bit arches */ | ||
2723 | +# if RAND_MAX > 0x7fffffff | ||
2724 | + v &= 0x7fffffffffffffffULL; | ||
2725 | +# endif | ||
2726 | + R_d = (double)v / 0x8000000000000000ULL; | ||
2727 | +#else | ||
2728 | +# error Not implemented for this value of RAND_MAX | ||
2729 | +#endif | ||
2730 | break; | ||
2731 | - | ||
2732 | + } | ||
2733 | case F_co: | ||
2734 | if (ENABLE_FEATURE_AWK_LIBM) { | ||
2735 | R_d = cos(L_d); | ||
2736 | @@ -2910,7 +3290,9 @@ static var *evaluate(node *op, var *res) | ||
2737 | srand(seed); | ||
2738 | break; | ||
2739 | |||
2740 | - case F_ti: | ||
2741 | + case F_ti: /*systime*/ | ||
2742 | + if (op1) | ||
2743 | + syntax_error("Too many arguments"); | ||
2744 | R_d = time(NULL); | ||
2745 | break; | ||
2746 | |||
2747 | @@ -2949,7 +3331,7 @@ static var *evaluate(node *op, var *res) | ||
2748 | rstream *rsm; | ||
2749 | int err = 0; | ||
2750 | rsm = (rstream *)hash_search(fdhash, L.s); | ||
2751 | - debug_printf_eval("OC_FBLTIN F_cl rsm:%p\n", rsm); | ||
2752 | + debug_printf_eval("OC_FBLTIN close: op1:%p s:'%s' rsm:%p\n", op1, L.s, rsm); | ||
2753 | if (rsm) { | ||
2754 | debug_printf_eval("OC_FBLTIN F_cl " | ||
2755 | "rsm->is_pipe:%d, ->F:%p\n", | ||
2756 | @@ -2960,6 +3342,11 @@ static var *evaluate(node *op, var *res) | ||
2757 | */ | ||
2758 | if (rsm->F) | ||
2759 | err = rsm->is_pipe ? pclose(rsm->F) : fclose(rsm->F); | ||
2760 | +//TODO: fix this case: | ||
2761 | +// $ awk 'BEGIN { print close(""); print ERRNO }' | ||
2762 | +// -1 | ||
2763 | +// close of redirection that was never opened | ||
2764 | +// (we print 0, 0) | ||
2765 | free(rsm->buffer); | ||
2766 | hash_remove(fdhash, L.s); | ||
2767 | } | ||
2768 | @@ -2974,14 +3361,18 @@ static var *evaluate(node *op, var *res) | ||
2769 | } | ||
2770 | |||
2771 | case XC( OC_BUILTIN ): | ||
2772 | + debug_printf_eval("BUILTIN\n"); | ||
2773 | res = exec_builtin(op, res); | ||
2774 | break; | ||
2775 | |||
2776 | case XC( OC_SPRINTF ): | ||
2777 | - setvar_p(res, awk_printf(op1)); | ||
2778 | + debug_printf_eval("SPRINTF\n"); | ||
2779 | + setvar_p(res, awk_printf(op1, NULL)); | ||
2780 | break; | ||
2781 | |||
2782 | - case XC( OC_UNARY ): { | ||
2783 | + case XC( OC_UNARY ): | ||
2784 | + debug_printf_eval("UNARY\n"); | ||
2785 | + { | ||
2786 | double Ld, R_d; | ||
2787 | |||
2788 | Ld = R_d = getvar_i(R.v); | ||
2789 | @@ -3011,7 +3402,9 @@ static var *evaluate(node *op, var *res) | ||
2790 | break; | ||
2791 | } | ||
2792 | |||
2793 | - case XC( OC_FIELD ): { | ||
2794 | + case XC( OC_FIELD ): | ||
2795 | + debug_printf_eval("FIELD\n"); | ||
2796 | + { | ||
2797 | int i = (int)getvar_i(R.v); | ||
2798 | if (i < 0) | ||
2799 | syntax_error(EMSG_NEGATIVE_FIELD); | ||
2800 | @@ -3028,26 +3421,33 @@ static var *evaluate(node *op, var *res) | ||
2801 | |||
2802 | /* concatenation (" ") and index joining (",") */ | ||
2803 | case XC( OC_CONCAT ): | ||
2804 | + debug_printf_eval("CONCAT /\n"); | ||
2805 | case XC( OC_COMMA ): { | ||
2806 | const char *sep = ""; | ||
2807 | - if ((opinfo & OPCLSMASK) == OC_COMMA) | ||
2808 | + debug_printf_eval("COMMA\n"); | ||
2809 | + if (opinfo == TI_COMMA) | ||
2810 | sep = getvar_s(intvar[SUBSEP]); | ||
2811 | setvar_p(res, xasprintf("%s%s%s", L.s, sep, R.s)); | ||
2812 | break; | ||
2813 | } | ||
2814 | |||
2815 | case XC( OC_LAND ): | ||
2816 | + debug_printf_eval("LAND\n"); | ||
2817 | setvar_i(res, istrue(L.v) ? ptest(op->r.n) : 0); | ||
2818 | break; | ||
2819 | |||
2820 | case XC( OC_LOR ): | ||
2821 | + debug_printf_eval("LOR\n"); | ||
2822 | setvar_i(res, istrue(L.v) ? 1 : ptest(op->r.n)); | ||
2823 | break; | ||
2824 | |||
2825 | case XC( OC_BINARY ): | ||
2826 | - case XC( OC_REPLACE ): { | ||
2827 | + debug_printf_eval("BINARY /\n"); | ||
2828 | + case XC( OC_REPLACE ): | ||
2829 | + debug_printf_eval("REPLACE\n"); | ||
2830 | + { | ||
2831 | double R_d = getvar_i(R.v); | ||
2832 | - debug_printf_eval("BINARY/REPLACE: R_d:%f opn:%c\n", R_d, opn); | ||
2833 | + debug_printf_eval("R_d:%f opn:%c\n", R_d, opn); | ||
2834 | switch (opn) { | ||
2835 | case '+': | ||
2836 | L_d += R_d; | ||
2837 | @@ -3083,6 +3483,7 @@ static var *evaluate(node *op, var *res) | ||
2838 | case XC( OC_COMPARE ): { | ||
2839 | int i = i; /* for compiler */ | ||
2840 | double Ld; | ||
2841 | + debug_printf_eval("COMPARE\n"); | ||
2842 | |||
2843 | if (is_numeric(L.v) && is_numeric(R.v)) { | ||
2844 | Ld = getvar_i(L.v) - getvar_i(R.v); | ||
2845 | @@ -3109,7 +3510,7 @@ static var *evaluate(node *op, var *res) | ||
2846 | default: | ||
2847 | syntax_error(EMSG_POSSIBLE_ERROR); | ||
2848 | } /* switch */ | ||
2849 | - next: | ||
2850 | + | ||
2851 | if ((opinfo & OPCLSMASK) <= SHIFT_TIL_THIS) | ||
2852 | op = op->a.n; | ||
2853 | if ((opinfo & OPCLSMASK) >= RECUR_FROM_THIS) | ||
2854 | @@ -3118,7 +3519,10 @@ static var *evaluate(node *op, var *res) | ||
2855 | break; | ||
2856 | } /* while (op) */ | ||
2857 | |||
2858 | - nvfree(v1); | ||
2859 | + nvfree(tmpvars, 2); | ||
2860 | +#undef TMPVAR0 | ||
2861 | +#undef TMPVAR1 | ||
2862 | + | ||
2863 | debug_printf_eval("returning from %s(): %p\n", __func__, res); | ||
2864 | return res; | ||
2865 | #undef fnargs | ||
2866 | @@ -3126,25 +3530,21 @@ static var *evaluate(node *op, var *res) | ||
2867 | #undef sreg | ||
2868 | } | ||
2869 | |||
2870 | - | ||
2871 | /* -------- main & co. -------- */ | ||
2872 | |||
2873 | -static int awk_exit(int r) | ||
2874 | +static int awk_exit(void) | ||
2875 | { | ||
2876 | - var tv; | ||
2877 | unsigned i; | ||
2878 | - hash_item *hi; | ||
2879 | - | ||
2880 | - zero_out_var(&tv); | ||
2881 | |||
2882 | if (!exiting) { | ||
2883 | exiting = TRUE; | ||
2884 | nextrec = FALSE; | ||
2885 | - evaluate(endseq.first, &tv); | ||
2886 | + evaluate(endseq.first, &G.exit__tmpvar); | ||
2887 | } | ||
2888 | |||
2889 | /* waiting for children */ | ||
2890 | for (i = 0; i < fdhash->csize; i++) { | ||
2891 | + hash_item *hi; | ||
2892 | hi = fdhash->items[i]; | ||
2893 | while (hi) { | ||
2894 | if (hi->data.rs.F && hi->data.rs.is_pipe) | ||
2895 | @@ -3153,65 +3553,7 @@ static int awk_exit(int r) | ||
2896 | } | ||
2897 | } | ||
2898 | |||
2899 | - exit(r); | ||
2900 | -} | ||
2901 | - | ||
2902 | -/* if expr looks like "var=value", perform assignment and return 1, | ||
2903 | - * otherwise return 0 */ | ||
2904 | -static int is_assignment(const char *expr) | ||
2905 | -{ | ||
2906 | - char *exprc, *val; | ||
2907 | - | ||
2908 | - if (!isalnum_(*expr) || (val = strchr(expr, '=')) == NULL) { | ||
2909 | - return FALSE; | ||
2910 | - } | ||
2911 | - | ||
2912 | - exprc = xstrdup(expr); | ||
2913 | - val = exprc + (val - expr); | ||
2914 | - *val++ = '\0'; | ||
2915 | - | ||
2916 | - unescape_string_in_place(val); | ||
2917 | - setvar_u(newvar(exprc), val); | ||
2918 | - free(exprc); | ||
2919 | - return TRUE; | ||
2920 | -} | ||
2921 | - | ||
2922 | -/* switch to next input file */ | ||
2923 | -static rstream *next_input_file(void) | ||
2924 | -{ | ||
2925 | -#define rsm (G.next_input_file__rsm) | ||
2926 | -#define files_happen (G.next_input_file__files_happen) | ||
2927 | - | ||
2928 | - FILE *F; | ||
2929 | - const char *fname, *ind; | ||
2930 | - | ||
2931 | - if (rsm.F) | ||
2932 | - fclose(rsm.F); | ||
2933 | - rsm.F = NULL; | ||
2934 | - rsm.pos = rsm.adv = 0; | ||
2935 | - | ||
2936 | - for (;;) { | ||
2937 | - if (getvar_i(intvar[ARGIND])+1 >= getvar_i(intvar[ARGC])) { | ||
2938 | - if (files_happen) | ||
2939 | - return NULL; | ||
2940 | - fname = "-"; | ||
2941 | - F = stdin; | ||
2942 | - break; | ||
2943 | - } | ||
2944 | - ind = getvar_s(incvar(intvar[ARGIND])); | ||
2945 | - fname = getvar_s(findvar(iamarray(intvar[ARGV]), ind)); | ||
2946 | - if (fname && *fname && !is_assignment(fname)) { | ||
2947 | - F = xfopen_stdin(fname); | ||
2948 | - break; | ||
2949 | - } | ||
2950 | - } | ||
2951 | - | ||
2952 | - files_happen = TRUE; | ||
2953 | - setvar_s(intvar[FILENAME], fname); | ||
2954 | - rsm.F = F; | ||
2955 | - return &rsm; | ||
2956 | -#undef rsm | ||
2957 | -#undef files_happen | ||
2958 | + exit(G.exitcode); | ||
2959 | } | ||
2960 | |||
2961 | int awk_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; | ||
2962 | @@ -3224,12 +3566,7 @@ int awk_main(int argc UNUSED_PARAM, char **argv) | ||
2963 | #if ENABLE_FEATURE_AWK_GNU_EXTENSIONS | ||
2964 | llist_t *list_e = NULL; | ||
2965 | #endif | ||
2966 | - int i, j; | ||
2967 | - var *v; | ||
2968 | - var tv; | ||
2969 | - char **envp; | ||
2970 | - char *vnames = (char *)vNames; /* cheat */ | ||
2971 | - char *vvalues = (char *)vValues; | ||
2972 | + int i; | ||
2973 | |||
2974 | INIT_G(); | ||
2975 | |||
2976 | @@ -3238,48 +3575,43 @@ int awk_main(int argc UNUSED_PARAM, char **argv) | ||
2977 | if (ENABLE_LOCALE_SUPPORT) | ||
2978 | setlocale(LC_NUMERIC, "C"); | ||
2979 | |||
2980 | - zero_out_var(&tv); | ||
2981 | - | ||
2982 | - /* allocate global buffer */ | ||
2983 | - g_buf = xmalloc(MAXVARFMT + 1); | ||
2984 | - | ||
2985 | - vhash = hash_init(); | ||
2986 | - ahash = hash_init(); | ||
2987 | - fdhash = hash_init(); | ||
2988 | - fnhash = hash_init(); | ||
2989 | - | ||
2990 | /* initialize variables */ | ||
2991 | - for (i = 0; *vnames; i++) { | ||
2992 | - intvar[i] = v = newvar(nextword(&vnames)); | ||
2993 | - if (*vvalues != '\377') | ||
2994 | - setvar_s(v, nextword(&vvalues)); | ||
2995 | - else | ||
2996 | - setvar_i(v, 0); | ||
2997 | - | ||
2998 | - if (*vnames == '*') { | ||
2999 | - v->type |= VF_SPECIAL; | ||
3000 | - vnames++; | ||
3001 | + vhash = hash_init(); | ||
3002 | + { | ||
3003 | + char *vnames = (char *)vNames; /* cheat */ | ||
3004 | + char *vvalues = (char *)vValues; | ||
3005 | + for (i = 0; *vnames; i++) { | ||
3006 | + var *v; | ||
3007 | + intvar[i] = v = newvar(nextword(&vnames)); | ||
3008 | + if (*vvalues != '\377') | ||
3009 | + setvar_s(v, nextword(&vvalues)); | ||
3010 | + else | ||
3011 | + setvar_i(v, 0); | ||
3012 | + | ||
3013 | + if (*vnames == '*') { | ||
3014 | + v->type |= VF_SPECIAL; | ||
3015 | + vnames++; | ||
3016 | + } | ||
3017 | } | ||
3018 | } | ||
3019 | |||
3020 | handle_special(intvar[FS]); | ||
3021 | handle_special(intvar[RS]); | ||
3022 | |||
3023 | - newfile("/dev/stdin")->F = stdin; | ||
3024 | - newfile("/dev/stdout")->F = stdout; | ||
3025 | - newfile("/dev/stderr")->F = stderr; | ||
3026 | - | ||
3027 | /* Huh, people report that sometimes environ is NULL. Oh well. */ | ||
3028 | - if (environ) for (envp = environ; *envp; envp++) { | ||
3029 | - /* environ is writable, thus we don't strdup it needlessly */ | ||
3030 | - char *s = *envp; | ||
3031 | - char *s1 = strchr(s, '='); | ||
3032 | - if (s1) { | ||
3033 | - *s1 = '\0'; | ||
3034 | - /* Both findvar and setvar_u take const char* | ||
3035 | - * as 2nd arg -> environment is not trashed */ | ||
3036 | - setvar_u(findvar(iamarray(intvar[ENVIRON]), s), s1 + 1); | ||
3037 | - *s1 = '='; | ||
3038 | + if (environ) { | ||
3039 | + char **envp; | ||
3040 | + for (envp = environ; *envp; envp++) { | ||
3041 | + /* environ is writable, thus we don't strdup it needlessly */ | ||
3042 | + char *s = *envp; | ||
3043 | + char *s1 = strchr(s, '='); | ||
3044 | + if (s1) { | ||
3045 | + *s1 = '\0'; | ||
3046 | + /* Both findvar and setvar_u take const char* | ||
3047 | + * as 2nd arg -> environment is not trashed */ | ||
3048 | + setvar_u(findvar(iamarray(intvar[ENVIRON]), s), s1 + 1); | ||
3049 | + *s1 = '='; | ||
3050 | + } | ||
3051 | } | ||
3052 | } | ||
3053 | opt = getopt32(argv, OPTSTR_AWK, &opt_F, &list_v, &list_f, IF_FEATURE_AWK_GNU_EXTENSIONS(&list_e,) NULL); | ||
3054 | @@ -3295,20 +3627,19 @@ int awk_main(int argc UNUSED_PARAM, char **argv) | ||
3055 | if (!is_assignment(llist_pop(&list_v))) | ||
3056 | bb_show_usage(); | ||
3057 | } | ||
3058 | + | ||
3059 | + /* Parse all supplied programs */ | ||
3060 | + fnhash = hash_init(); | ||
3061 | + ahash = hash_init(); | ||
3062 | while (list_f) { | ||
3063 | - char *s = NULL; | ||
3064 | - FILE *from_file; | ||
3065 | + int fd; | ||
3066 | + char *s; | ||
3067 | |||
3068 | g_progname = llist_pop(&list_f); | ||
3069 | - from_file = xfopen_stdin(g_progname); | ||
3070 | - /* one byte is reserved for some trick in next_token */ | ||
3071 | - for (i = j = 1; j > 0; i += j) { | ||
3072 | - s = xrealloc(s, i + 4096); | ||
3073 | - j = fread(s + i, 1, 4094, from_file); | ||
3074 | - } | ||
3075 | - s[i] = '\0'; | ||
3076 | - fclose(from_file); | ||
3077 | - parse_program(s + 1); | ||
3078 | + fd = xopen_stdin(g_progname); | ||
3079 | + s = xmalloc_read(fd, NULL); /* it's NUL-terminated */ | ||
3080 | + close(fd); | ||
3081 | + parse_program(s); | ||
3082 | free(s); | ||
3083 | } | ||
3084 | g_progname = "cmd. line"; | ||
3085 | @@ -3317,11 +3648,23 @@ int awk_main(int argc UNUSED_PARAM, char **argv) | ||
3086 | parse_program(llist_pop(&list_e)); | ||
3087 | } | ||
3088 | #endif | ||
3089 | +//FIXME: preserve order of -e and -f | ||
3090 | +//TODO: implement -i LIBRARY and -E FILE too, they are easy-ish | ||
3091 | if (!(opt & (OPT_f | OPT_e))) { | ||
3092 | if (!*argv) | ||
3093 | bb_show_usage(); | ||
3094 | parse_program(*argv++); | ||
3095 | } | ||
3096 | + /* Free unused parse structures */ | ||
3097 | + //hash_free(fnhash); // ~250 bytes when empty, used only for function names | ||
3098 | + //^^^^^^^^^^^^^^^^^ does not work, hash_clear() inside SEGVs | ||
3099 | + // (IOW: hash_clear() assumes it's a hash of variables. fnhash is not). | ||
3100 | + free(fnhash->items); | ||
3101 | + free(fnhash); | ||
3102 | + fnhash = NULL; // debug | ||
3103 | + //hash_free(ahash); // empty after parsing, will reuse as fdhash instead of freeing | ||
3104 | + | ||
3105 | + /* Parsing done, on to executing */ | ||
3106 | |||
3107 | /* fill in ARGV array */ | ||
3108 | setari_u(intvar[ARGV], 0, "awk"); | ||
3109 | @@ -3330,9 +3673,14 @@ int awk_main(int argc UNUSED_PARAM, char **argv) | ||
3110 | setari_u(intvar[ARGV], ++i, *argv++); | ||
3111 | setvar_i(intvar[ARGC], i + 1); | ||
3112 | |||
3113 | - evaluate(beginseq.first, &tv); | ||
3114 | + //fdhash = ahash; // done via define | ||
3115 | + newfile("/dev/stdin")->F = stdin; | ||
3116 | + newfile("/dev/stdout")->F = stdout; | ||
3117 | + newfile("/dev/stderr")->F = stderr; | ||
3118 | + | ||
3119 | + evaluate(beginseq.first, &G.main__tmpvar); | ||
3120 | if (!mainseq.first && !endseq.first) | ||
3121 | - awk_exit(EXIT_SUCCESS); | ||
3122 | + awk_exit(); | ||
3123 | |||
3124 | /* input file could already be opened in BEGIN block */ | ||
3125 | if (!iF) | ||
3126 | @@ -3347,7 +3695,7 @@ int awk_main(int argc UNUSED_PARAM, char **argv) | ||
3127 | nextrec = FALSE; | ||
3128 | incvar(intvar[NR]); | ||
3129 | incvar(intvar[FNR]); | ||
3130 | - evaluate(mainseq.first, &tv); | ||
3131 | + evaluate(mainseq.first, &G.main__tmpvar); | ||
3132 | |||
3133 | if (nextfile) | ||
3134 | break; | ||
3135 | @@ -3359,6 +3707,6 @@ int awk_main(int argc UNUSED_PARAM, char **argv) | ||
3136 | iF = next_input_file(); | ||
3137 | } | ||
3138 | |||
3139 | - awk_exit(EXIT_SUCCESS); | ||
3140 | + awk_exit(); | ||
3141 | /*return 0;*/ | ||
3142 | } | ||
3143 | diff --git a/testsuite/awk.tests b/testsuite/awk.tests | ||
3144 | index 92c83d719..4a7a01245 100755 | ||
3145 | --- a/testsuite/awk.tests | ||
3146 | +++ b/testsuite/awk.tests | ||
3147 | @@ -44,6 +44,16 @@ testing "awk handles empty function f(arg){}" \ | ||
3148 | "L1\n\nL2\n\n" \ | ||
3149 | "" "" | ||
3150 | |||
3151 | +prg=' | ||
3152 | +function empty_fun(){} | ||
3153 | +END {empty_fun() | ||
3154 | + print "Ok" | ||
3155 | +}' | ||
3156 | +testing "awk handles empty function f(){}" \ | ||
3157 | + "awk '$prg'" \ | ||
3158 | + "Ok\n" \ | ||
3159 | + "" "" | ||
3160 | + | ||
3161 | prg=' | ||
3162 | function outer_fun() { | ||
3163 | return 1 | ||
3164 | @@ -71,6 +81,23 @@ testing "awk properly handles undefined function" \ | ||
3165 | "L1\n\nawk: cmd. line:5: Call to undefined function\n" \ | ||
3166 | "" "" | ||
3167 | |||
3168 | +prg=' | ||
3169 | +BEGIN { | ||
3170 | + v=1 | ||
3171 | + a=2 | ||
3172 | + print v (a) | ||
3173 | +}' | ||
3174 | +testing "awk 'v (a)' is not a function call, it is a concatenation" \ | ||
3175 | + "awk '$prg' 2>&1" \ | ||
3176 | + "12\n" \ | ||
3177 | + "" "" | ||
3178 | + | ||
3179 | +prg='func f(){print"F"};func g(){print"G"};BEGIN{f(g(),g())}' | ||
3180 | +testing "awk unused function args are evaluated" \ | ||
3181 | + "awk '$prg' 2>&1" \ | ||
3182 | + "G\nG\nF\n" \ | ||
3183 | + "" "" | ||
3184 | + | ||
3185 | |||
3186 | optional DESKTOP | ||
3187 | testing "awk hex const 1" "awk '{ print or(0xffffffff,1) }'" "4294967295\n" "" "\n" | ||
3188 | @@ -352,19 +379,14 @@ testing "awk -e and ARGC" \ | ||
3189 | "" | ||
3190 | SKIP= | ||
3191 | |||
3192 | -# The examples are in fact not valid awk programs (break/continue | ||
3193 | -# can only be used inside loops). | ||
3194 | -# But we do accept them outside of loops. | ||
3195 | -# We had a bug with misparsing "break ; else" sequence. | ||
3196 | -# Test that *that* bug is fixed, using simplest possible scripts: | ||
3197 | testing "awk break" \ | ||
3198 | "awk -f - 2>&1; echo \$?" \ | ||
3199 | - "0\n" \ | ||
3200 | + "awk: -:1: 'break' not in a loop\n1\n" \ | ||
3201 | "" \ | ||
3202 | 'BEGIN { if (1) break; else a = 1 }' | ||
3203 | testing "awk continue" \ | ||
3204 | "awk -f - 2>&1; echo \$?" \ | ||
3205 | - "0\n" \ | ||
3206 | + "awk: -:1: 'continue' not in a loop\n1\n" \ | ||
3207 | "" \ | ||
3208 | 'BEGIN { if (1) continue; else a = 1 }' | ||
3209 | |||
3210 | @@ -383,6 +405,11 @@ testing "awk errors on missing delete arg" \ | ||
3211 | "awk -e '{delete}' 2>&1" "awk: cmd. line:1: Too few arguments\n" "" "" | ||
3212 | SKIP= | ||
3213 | |||
3214 | +optional FEATURE_AWK_GNU_EXTENSIONS | ||
3215 | +testing "awk printf('%c') can output NUL" \ | ||
3216 | + "awk '{printf(\"hello%c null\n\", 0)}'" "hello\0 null\n" "" "\n" | ||
3217 | +SKIP= | ||
3218 | + | ||
3219 | # testing "description" "command" "result" "infile" "stdin" | ||
3220 | testing 'awk negative field access' \ | ||
3221 | 'awk 2>&1 -- '\''{ $(-1) }'\' \ | ||
3222 | @@ -413,4 +440,25 @@ testing 'awk $NF is empty' \ | ||
3223 | '' \ | ||
3224 | 'a=====123=' | ||
3225 | |||
3226 | +testing "awk exit N propagates through END's exit" \ | ||
3227 | + "awk 'BEGIN { exit 42 } END { exit }'; echo \$?" \ | ||
3228 | + "42\n" \ | ||
3229 | + '' '' | ||
3230 | + | ||
3231 | +testing "awk print + redirect" \ | ||
3232 | + "awk 'BEGIN { print \"STDERR %s\" >\"/dev/stderr\" }' 2>&1" \ | ||
3233 | + "STDERR %s\n" \ | ||
3234 | + '' '' | ||
3235 | + | ||
3236 | +testing "awk \"cmd\" | getline" \ | ||
3237 | + "awk 'BEGIN { \"echo HELLO\" | getline; print }'" \ | ||
3238 | + "HELLO\n" \ | ||
3239 | + '' '' | ||
3240 | + | ||
3241 | +# printf %% should print one % (had a bug where it didn't) | ||
3242 | +testing 'awk printf %% prints one %' \ | ||
3243 | + "awk 'BEGIN { printf \"%%\n\" }'" \ | ||
3244 | + "%\n" \ | ||
3245 | + '' '' | ||
3246 | + | ||
3247 | exit $FAILCOUNT | ||
3248 | diff --git a/testsuite/printf.tests b/testsuite/printf.tests | ||
3249 | index 34a65926e..050edef71 100755 | ||
3250 | --- a/testsuite/printf.tests | ||
3251 | +++ b/testsuite/printf.tests | ||
3252 | @@ -79,6 +79,11 @@ testing "printf understands %Ld" \ | ||
3253 | "-5\n""0\n" \ | ||
3254 | "" "" | ||
3255 | |||
3256 | +testing "printf understands %%" \ | ||
3257 | + "${bb}printf '%%\n' 2>&1; echo \$?" \ | ||
3258 | + "%\n""0\n" \ | ||
3259 | + "" "" | ||
3260 | + | ||
3261 | testing "printf handles positive numbers for %d" \ | ||
3262 | "${bb}printf '%d\n' 3 +3 ' 3' ' +3' 2>&1; echo \$?" \ | ||
3263 | "3\n"\ | ||
3264 | -- | ||
3265 | 2.33.0 | ||
3266 | |||
diff --git a/meta/recipes-core/busybox/busybox/0002-man-fix-segfault-in-man-1.patch b/meta/recipes-core/busybox/busybox/0002-man-fix-segfault-in-man-1.patch new file mode 100644 index 0000000000..4a930b7b6f --- /dev/null +++ b/meta/recipes-core/busybox/busybox/0002-man-fix-segfault-in-man-1.patch | |||
@@ -0,0 +1,30 @@ | |||
1 | From 4975cace9bf96bfde174f8bb5cc4068d2ea294d4 Mon Sep 17 00:00:00 2001 | ||
2 | From: Denys Vlasenko <vda.linux@googlemail.com> | ||
3 | Date: Tue, 15 Jun 2021 14:47:46 +0200 | ||
4 | Subject: [PATCH] man: fix segfault in "man 1" | ||
5 | |||
6 | function old new delta | ||
7 | man_main 942 954 +12 | ||
8 | |||
9 | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> | ||
10 | |||
11 | Upstream-Status: Backport [4d4fc5ca5ee4f] | ||
12 | CVE: CVE-2021-42373 | ||
13 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | ||
14 | --- | ||
15 | miscutils/man.c | 2 +- | ||
16 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
17 | |||
18 | diff --git a/miscutils/man.c b/miscutils/man.c | ||
19 | index 722f6641e..d319e8bba 100644 | ||
20 | --- a/miscutils/man.c | ||
21 | +++ b/miscutils/man.c | ||
22 | @@ -324,7 +324,7 @@ int man_main(int argc UNUSED_PARAM, char **argv) | ||
23 | |||
24 | /* is 1st ARG a SECTION? */ | ||
25 | sec_list = conf_sec_list; | ||
26 | - if (is_section_name(conf_sec_list, *argv)) { | ||
27 | + if (is_section_name(conf_sec_list, *argv) && argv[1]) { | ||
28 | /* yes */ | ||
29 | sec_list = *argv++; | ||
30 | } | ||
diff --git a/meta/recipes-core/busybox/busybox_1.33.1.bb b/meta/recipes-core/busybox/busybox_1.33.2.bb index 4002d6a5c6..4a0d3b4556 100644 --- a/meta/recipes-core/busybox/busybox_1.33.1.bb +++ b/meta/recipes-core/busybox/busybox_1.33.2.bb | |||
@@ -48,7 +48,9 @@ SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \ | |||
48 | file://0001-sysctl-ignore-EIO-of-stable_secret-below-proc-sys-ne.patch \ | 48 | file://0001-sysctl-ignore-EIO-of-stable_secret-below-proc-sys-ne.patch \ |
49 | file://0001-gen_build_files-Use-C-locale-when-calling-sed-on-glo.patch \ | 49 | file://0001-gen_build_files-Use-C-locale-when-calling-sed-on-glo.patch \ |
50 | file://0001-mktemp-add-tmpdir-option.patch \ | 50 | file://0001-mktemp-add-tmpdir-option.patch \ |
51 | file://0001-awk-fix-CVEs.patch \ | ||
52 | file://0002-man-fix-segfault-in-man-1.patch \ | ||
51 | " | 53 | " |
52 | SRC_URI_append_libc-musl = " file://musl.cfg " | 54 | SRC_URI_append_libc-musl = " file://musl.cfg " |
53 | 55 | ||
54 | SRC_URI[tarball.sha256sum] = "12cec6bd2b16d8a9446dd16130f2b92982f1819f6e1c5f5887b6db03f5660d28" | 56 | SRC_URI[tarball.sha256sum] = "6843ba7977081e735fa0fdb05893e3c002c8c5ad7c9c80da206e603cc0ac47e7" |
diff --git a/meta/recipes-core/expat/expat/CVE-2021-45960.patch b/meta/recipes-core/expat/expat/CVE-2021-45960.patch new file mode 100644 index 0000000000..523449e22c --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2021-45960.patch | |||
@@ -0,0 +1,65 @@ | |||
1 | From 0adcb34c49bee5b19bd29b16a578c510c23597ea Mon Sep 17 00:00:00 2001 | ||
2 | From: Sebastian Pipping <sebastian@pipping.org> | ||
3 | Date: Mon, 27 Dec 2021 20:15:02 +0100 | ||
4 | Subject: [PATCH] lib: Detect and prevent troublesome left shifts in function | ||
5 | storeAtts (CVE-2021-45960) | ||
6 | |||
7 | Upstream-Status: Backport: | ||
8 | https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea | ||
9 | |||
10 | CVE: CVE-2021-45960 | ||
11 | Signed-off-by: Steve Sakoman <steve@sakoman.com> | ||
12 | |||
13 | --- | ||
14 | expat/lib/xmlparse.c | 31 +++++++++++++++++++++++++++++-- | ||
15 | 1 file changed, 29 insertions(+), 2 deletions(-) | ||
16 | |||
17 | diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c | ||
18 | index d730f41c3..b47c31b05 100644 | ||
19 | --- a/lib/xmlparse.c | ||
20 | +++ b/lib/xmlparse.c | ||
21 | @@ -3414,7 +3414,13 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr, | ||
22 | if (nPrefixes) { | ||
23 | int j; /* hash table index */ | ||
24 | unsigned long version = parser->m_nsAttsVersion; | ||
25 | - int nsAttsSize = (int)1 << parser->m_nsAttsPower; | ||
26 | + | ||
27 | + /* Detect and prevent invalid shift */ | ||
28 | + if (parser->m_nsAttsPower >= sizeof(unsigned int) * 8 /* bits per byte */) { | ||
29 | + return XML_ERROR_NO_MEMORY; | ||
30 | + } | ||
31 | + | ||
32 | + unsigned int nsAttsSize = 1u << parser->m_nsAttsPower; | ||
33 | unsigned char oldNsAttsPower = parser->m_nsAttsPower; | ||
34 | /* size of hash table must be at least 2 * (# of prefixed attributes) */ | ||
35 | if ((nPrefixes << 1) | ||
36 | @@ -3425,7 +3431,28 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr, | ||
37 | ; | ||
38 | if (parser->m_nsAttsPower < 3) | ||
39 | parser->m_nsAttsPower = 3; | ||
40 | - nsAttsSize = (int)1 << parser->m_nsAttsPower; | ||
41 | + | ||
42 | + /* Detect and prevent invalid shift */ | ||
43 | + if (parser->m_nsAttsPower >= sizeof(nsAttsSize) * 8 /* bits per byte */) { | ||
44 | + /* Restore actual size of memory in m_nsAtts */ | ||
45 | + parser->m_nsAttsPower = oldNsAttsPower; | ||
46 | + return XML_ERROR_NO_MEMORY; | ||
47 | + } | ||
48 | + | ||
49 | + nsAttsSize = 1u << parser->m_nsAttsPower; | ||
50 | + | ||
51 | + /* Detect and prevent integer overflow. | ||
52 | + * The preprocessor guard addresses the "always false" warning | ||
53 | + * from -Wtype-limits on platforms where | ||
54 | + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ | ||
55 | +#if UINT_MAX >= SIZE_MAX | ||
56 | + if (nsAttsSize > (size_t)(-1) / sizeof(NS_ATT)) { | ||
57 | + /* Restore actual size of memory in m_nsAtts */ | ||
58 | + parser->m_nsAttsPower = oldNsAttsPower; | ||
59 | + return XML_ERROR_NO_MEMORY; | ||
60 | + } | ||
61 | +#endif | ||
62 | + | ||
63 | temp = (NS_ATT *)REALLOC(parser, parser->m_nsAtts, | ||
64 | nsAttsSize * sizeof(NS_ATT)); | ||
65 | if (! temp) { | ||
diff --git a/meta/recipes-core/expat/expat/CVE-2021-46143.patch b/meta/recipes-core/expat/expat/CVE-2021-46143.patch new file mode 100644 index 0000000000..b1a726d9a8 --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2021-46143.patch | |||
@@ -0,0 +1,49 @@ | |||
1 | From 85ae9a2d7d0e9358f356b33977b842df8ebaec2b Mon Sep 17 00:00:00 2001 | ||
2 | From: Sebastian Pipping <sebastian@pipping.org> | ||
3 | Date: Sat, 25 Dec 2021 20:52:08 +0100 | ||
4 | Subject: [PATCH] lib: Prevent integer overflow on m_groupSize in function | ||
5 | doProlog (CVE-2021-46143) | ||
6 | |||
7 | Upstream-Status: Backport: | ||
8 | https://github.com/libexpat/libexpat/pull/538/commits/85ae9a2d7d0e9358f356b33977b842df8ebaec2b | ||
9 | |||
10 | CVE: CVE-2021-46143 | ||
11 | |||
12 | Signed-off-by: Steve Sakoman <steve@sakoman.com> | ||
13 | --- | ||
14 | expat/lib/xmlparse.c | 15 +++++++++++++++ | ||
15 | 1 file changed, 15 insertions(+) | ||
16 | |||
17 | diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c | ||
18 | index b47c31b0..8f243126 100644 | ||
19 | --- a/lib/xmlparse.c | ||
20 | +++ b/lib/xmlparse.c | ||
21 | @@ -5046,6 +5046,11 @@ doProlog(XML_Parser parser, const ENCODING *enc, const char *s, const char *end, | ||
22 | if (parser->m_prologState.level >= parser->m_groupSize) { | ||
23 | if (parser->m_groupSize) { | ||
24 | { | ||
25 | + /* Detect and prevent integer overflow */ | ||
26 | + if (parser->m_groupSize > (unsigned int)(-1) / 2u) { | ||
27 | + return XML_ERROR_NO_MEMORY; | ||
28 | + } | ||
29 | + | ||
30 | char *const new_connector = (char *)REALLOC( | ||
31 | parser, parser->m_groupConnector, parser->m_groupSize *= 2); | ||
32 | if (new_connector == NULL) { | ||
33 | @@ -5056,6 +5061,16 @@ doProlog(XML_Parser parser, const ENCODING *enc, const char *s, const char *end, | ||
34 | } | ||
35 | |||
36 | if (dtd->scaffIndex) { | ||
37 | + /* Detect and prevent integer overflow. | ||
38 | + * The preprocessor guard addresses the "always false" warning | ||
39 | + * from -Wtype-limits on platforms where | ||
40 | + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ | ||
41 | +#if UINT_MAX >= SIZE_MAX | ||
42 | + if (parser->m_groupSize > (size_t)(-1) / sizeof(int)) { | ||
43 | + return XML_ERROR_NO_MEMORY; | ||
44 | + } | ||
45 | +#endif | ||
46 | + | ||
47 | int *const new_scaff_index = (int *)REALLOC( | ||
48 | parser, dtd->scaffIndex, parser->m_groupSize * sizeof(int)); | ||
49 | if (new_scaff_index == NULL) | ||
diff --git a/meta/recipes-core/expat/expat/CVE-2022-22822-27.patch b/meta/recipes-core/expat/expat/CVE-2022-22822-27.patch new file mode 100644 index 0000000000..e569fbc7ab --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-22822-27.patch | |||
@@ -0,0 +1,257 @@ | |||
1 | From 9f93e8036e842329863bf20395b8fb8f73834d9e Mon Sep 17 00:00:00 2001 | ||
2 | From: Sebastian Pipping <sebastian@pipping.org> | ||
3 | Date: Thu, 30 Dec 2021 22:46:03 +0100 | ||
4 | Subject: [PATCH] lib: Prevent integer overflow at multiple places | ||
5 | (CVE-2022-22822 to CVE-2022-22827) | ||
6 | |||
7 | The involved functions are: | ||
8 | - addBinding (CVE-2022-22822) | ||
9 | - build_model (CVE-2022-22823) | ||
10 | - defineAttribute (CVE-2022-22824) | ||
11 | - lookup (CVE-2022-22825) | ||
12 | - nextScaffoldPart (CVE-2022-22826) | ||
13 | - storeAtts (CVE-2022-22827) | ||
14 | |||
15 | Upstream-Status: Backport: | ||
16 | https://github.com/libexpat/libexpat/pull/539/commits/9f93e8036e842329863bf20395b8fb8f73834d9e | ||
17 | |||
18 | CVE: CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827 | ||
19 | Signed-off-by: Steve Sakoman <steve@sakoman.com> | ||
20 | |||
21 | --- | ||
22 | expat/lib/xmlparse.c | 153 ++++++++++++++++++++++++++++++++++++++++++- | ||
23 | 1 file changed, 151 insertions(+), 2 deletions(-) | ||
24 | |||
25 | diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c | ||
26 | index 8f243126..575e73ee 100644 | ||
27 | --- a/lib/xmlparse.c | ||
28 | +++ b/lib/xmlparse.c | ||
29 | @@ -3261,13 +3261,38 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr, | ||
30 | |||
31 | /* get the attributes from the tokenizer */ | ||
32 | n = XmlGetAttributes(enc, attStr, parser->m_attsSize, parser->m_atts); | ||
33 | + | ||
34 | + /* Detect and prevent integer overflow */ | ||
35 | + if (n > INT_MAX - nDefaultAtts) { | ||
36 | + return XML_ERROR_NO_MEMORY; | ||
37 | + } | ||
38 | + | ||
39 | if (n + nDefaultAtts > parser->m_attsSize) { | ||
40 | int oldAttsSize = parser->m_attsSize; | ||
41 | ATTRIBUTE *temp; | ||
42 | #ifdef XML_ATTR_INFO | ||
43 | XML_AttrInfo *temp2; | ||
44 | #endif | ||
45 | + | ||
46 | + /* Detect and prevent integer overflow */ | ||
47 | + if ((nDefaultAtts > INT_MAX - INIT_ATTS_SIZE) | ||
48 | + || (n > INT_MAX - (nDefaultAtts + INIT_ATTS_SIZE))) { | ||
49 | + return XML_ERROR_NO_MEMORY; | ||
50 | + } | ||
51 | + | ||
52 | parser->m_attsSize = n + nDefaultAtts + INIT_ATTS_SIZE; | ||
53 | + | ||
54 | + /* Detect and prevent integer overflow. | ||
55 | + * The preprocessor guard addresses the "always false" warning | ||
56 | + * from -Wtype-limits on platforms where | ||
57 | + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ | ||
58 | +#if UINT_MAX >= SIZE_MAX | ||
59 | + if ((unsigned)parser->m_attsSize > (size_t)(-1) / sizeof(ATTRIBUTE)) { | ||
60 | + parser->m_attsSize = oldAttsSize; | ||
61 | + return XML_ERROR_NO_MEMORY; | ||
62 | + } | ||
63 | +#endif | ||
64 | + | ||
65 | temp = (ATTRIBUTE *)REALLOC(parser, (void *)parser->m_atts, | ||
66 | parser->m_attsSize * sizeof(ATTRIBUTE)); | ||
67 | if (temp == NULL) { | ||
68 | @@ -3276,6 +3301,17 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr, | ||
69 | } | ||
70 | parser->m_atts = temp; | ||
71 | #ifdef XML_ATTR_INFO | ||
72 | + /* Detect and prevent integer overflow. | ||
73 | + * The preprocessor guard addresses the "always false" warning | ||
74 | + * from -Wtype-limits on platforms where | ||
75 | + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ | ||
76 | +# if UINT_MAX >= SIZE_MAX | ||
77 | + if ((unsigned)parser->m_attsSize > (size_t)(-1) / sizeof(XML_AttrInfo)) { | ||
78 | + parser->m_attsSize = oldAttsSize; | ||
79 | + return XML_ERROR_NO_MEMORY; | ||
80 | + } | ||
81 | +# endif | ||
82 | + | ||
83 | temp2 = (XML_AttrInfo *)REALLOC(parser, (void *)parser->m_attInfo, | ||
84 | parser->m_attsSize * sizeof(XML_AttrInfo)); | ||
85 | if (temp2 == NULL) { | ||
86 | @@ -3610,9 +3646,31 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr, | ||
87 | tagNamePtr->prefixLen = prefixLen; | ||
88 | for (i = 0; localPart[i++];) | ||
89 | ; /* i includes null terminator */ | ||
90 | + | ||
91 | + /* Detect and prevent integer overflow */ | ||
92 | + if (binding->uriLen > INT_MAX - prefixLen | ||
93 | + || i > INT_MAX - (binding->uriLen + prefixLen)) { | ||
94 | + return XML_ERROR_NO_MEMORY; | ||
95 | + } | ||
96 | + | ||
97 | n = i + binding->uriLen + prefixLen; | ||
98 | if (n > binding->uriAlloc) { | ||
99 | TAG *p; | ||
100 | + | ||
101 | + /* Detect and prevent integer overflow */ | ||
102 | + if (n > INT_MAX - EXPAND_SPARE) { | ||
103 | + return XML_ERROR_NO_MEMORY; | ||
104 | + } | ||
105 | + /* Detect and prevent integer overflow. | ||
106 | + * The preprocessor guard addresses the "always false" warning | ||
107 | + * from -Wtype-limits on platforms where | ||
108 | + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ | ||
109 | +#if UINT_MAX >= SIZE_MAX | ||
110 | + if ((unsigned)(n + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) { | ||
111 | + return XML_ERROR_NO_MEMORY; | ||
112 | + } | ||
113 | +#endif | ||
114 | + | ||
115 | uri = (XML_Char *)MALLOC(parser, (n + EXPAND_SPARE) * sizeof(XML_Char)); | ||
116 | if (! uri) | ||
117 | return XML_ERROR_NO_MEMORY; | ||
118 | @@ -3708,6 +3766,21 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId, | ||
119 | if (parser->m_freeBindingList) { | ||
120 | b = parser->m_freeBindingList; | ||
121 | if (len > b->uriAlloc) { | ||
122 | + /* Detect and prevent integer overflow */ | ||
123 | + if (len > INT_MAX - EXPAND_SPARE) { | ||
124 | + return XML_ERROR_NO_MEMORY; | ||
125 | + } | ||
126 | + | ||
127 | + /* Detect and prevent integer overflow. | ||
128 | + * The preprocessor guard addresses the "always false" warning | ||
129 | + * from -Wtype-limits on platforms where | ||
130 | + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ | ||
131 | +#if UINT_MAX >= SIZE_MAX | ||
132 | + if ((unsigned)(len + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) { | ||
133 | + return XML_ERROR_NO_MEMORY; | ||
134 | + } | ||
135 | +#endif | ||
136 | + | ||
137 | XML_Char *temp = (XML_Char *)REALLOC( | ||
138 | parser, b->uri, sizeof(XML_Char) * (len + EXPAND_SPARE)); | ||
139 | if (temp == NULL) | ||
140 | @@ -3720,6 +3793,21 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId, | ||
141 | b = (BINDING *)MALLOC(parser, sizeof(BINDING)); | ||
142 | if (! b) | ||
143 | return XML_ERROR_NO_MEMORY; | ||
144 | + | ||
145 | + /* Detect and prevent integer overflow */ | ||
146 | + if (len > INT_MAX - EXPAND_SPARE) { | ||
147 | + return XML_ERROR_NO_MEMORY; | ||
148 | + } | ||
149 | + /* Detect and prevent integer overflow. | ||
150 | + * The preprocessor guard addresses the "always false" warning | ||
151 | + * from -Wtype-limits on platforms where | ||
152 | + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ | ||
153 | +#if UINT_MAX >= SIZE_MAX | ||
154 | + if ((unsigned)(len + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) { | ||
155 | + return XML_ERROR_NO_MEMORY; | ||
156 | + } | ||
157 | +#endif | ||
158 | + | ||
159 | b->uri | ||
160 | = (XML_Char *)MALLOC(parser, sizeof(XML_Char) * (len + EXPAND_SPARE)); | ||
161 | if (! b->uri) { | ||
162 | @@ -6141,7 +6229,24 @@ defineAttribute(ELEMENT_TYPE *type, ATTRIBUTE_ID *attId, XML_Bool isCdata, | ||
163 | } | ||
164 | } else { | ||
165 | DEFAULT_ATTRIBUTE *temp; | ||
166 | + | ||
167 | + /* Detect and prevent integer overflow */ | ||
168 | + if (type->allocDefaultAtts > INT_MAX / 2) { | ||
169 | + return 0; | ||
170 | + } | ||
171 | + | ||
172 | int count = type->allocDefaultAtts * 2; | ||
173 | + | ||
174 | + /* Detect and prevent integer overflow. | ||
175 | + * The preprocessor guard addresses the "always false" warning | ||
176 | + * from -Wtype-limits on platforms where | ||
177 | + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ | ||
178 | +#if UINT_MAX >= SIZE_MAX | ||
179 | + if ((unsigned)count > (size_t)(-1) / sizeof(DEFAULT_ATTRIBUTE)) { | ||
180 | + return 0; | ||
181 | + } | ||
182 | +#endif | ||
183 | + | ||
184 | temp = (DEFAULT_ATTRIBUTE *)REALLOC(parser, type->defaultAtts, | ||
185 | (count * sizeof(DEFAULT_ATTRIBUTE))); | ||
186 | if (temp == NULL) | ||
187 | @@ -6792,8 +6897,20 @@ lookup(XML_Parser parser, HASH_TABLE *table, KEY name, size_t createSize) { | ||
188 | /* check for overflow (table is half full) */ | ||
189 | if (table->used >> (table->power - 1)) { | ||
190 | unsigned char newPower = table->power + 1; | ||
191 | + | ||
192 | + /* Detect and prevent invalid shift */ | ||
193 | + if (newPower >= sizeof(unsigned long) * 8 /* bits per byte */) { | ||
194 | + return NULL; | ||
195 | + } | ||
196 | + | ||
197 | size_t newSize = (size_t)1 << newPower; | ||
198 | unsigned long newMask = (unsigned long)newSize - 1; | ||
199 | + | ||
200 | + /* Detect and prevent integer overflow */ | ||
201 | + if (newSize > (size_t)(-1) / sizeof(NAMED *)) { | ||
202 | + return NULL; | ||
203 | + } | ||
204 | + | ||
205 | size_t tsize = newSize * sizeof(NAMED *); | ||
206 | NAMED **newV = (NAMED **)table->mem->malloc_fcn(tsize); | ||
207 | if (! newV) | ||
208 | @@ -7143,6 +7260,20 @@ nextScaffoldPart(XML_Parser parser) { | ||
209 | if (dtd->scaffCount >= dtd->scaffSize) { | ||
210 | CONTENT_SCAFFOLD *temp; | ||
211 | if (dtd->scaffold) { | ||
212 | + /* Detect and prevent integer overflow */ | ||
213 | + if (dtd->scaffSize > UINT_MAX / 2u) { | ||
214 | + return -1; | ||
215 | + } | ||
216 | + /* Detect and prevent integer overflow. | ||
217 | + * The preprocessor guard addresses the "always false" warning | ||
218 | + * from -Wtype-limits on platforms where | ||
219 | + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ | ||
220 | +#if UINT_MAX >= SIZE_MAX | ||
221 | + if (dtd->scaffSize > (size_t)(-1) / 2u / sizeof(CONTENT_SCAFFOLD)) { | ||
222 | + return -1; | ||
223 | + } | ||
224 | +#endif | ||
225 | + | ||
226 | temp = (CONTENT_SCAFFOLD *)REALLOC( | ||
227 | parser, dtd->scaffold, dtd->scaffSize * 2 * sizeof(CONTENT_SCAFFOLD)); | ||
228 | if (temp == NULL) | ||
229 | @@ -7212,8 +7343,26 @@ build_model(XML_Parser parser) { | ||
230 | XML_Content *ret; | ||
231 | XML_Content *cpos; | ||
232 | XML_Char *str; | ||
233 | - int allocsize = (dtd->scaffCount * sizeof(XML_Content) | ||
234 | - + (dtd->contentStringLen * sizeof(XML_Char))); | ||
235 | + | ||
236 | + /* Detect and prevent integer overflow. | ||
237 | + * The preprocessor guard addresses the "always false" warning | ||
238 | + * from -Wtype-limits on platforms where | ||
239 | + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ | ||
240 | +#if UINT_MAX >= SIZE_MAX | ||
241 | + if (dtd->scaffCount > (size_t)(-1) / sizeof(XML_Content)) { | ||
242 | + return NULL; | ||
243 | + } | ||
244 | + if (dtd->contentStringLen > (size_t)(-1) / sizeof(XML_Char)) { | ||
245 | + return NULL; | ||
246 | + } | ||
247 | +#endif | ||
248 | + if (dtd->scaffCount * sizeof(XML_Content) | ||
249 | + > (size_t)(-1) - dtd->contentStringLen * sizeof(XML_Char)) { | ||
250 | + return NULL; | ||
251 | + } | ||
252 | + | ||
253 | + const size_t allocsize = (dtd->scaffCount * sizeof(XML_Content) | ||
254 | + + (dtd->contentStringLen * sizeof(XML_Char))); | ||
255 | |||
256 | ret = (XML_Content *)MALLOC(parser, allocsize); | ||
257 | if (! ret) | ||
diff --git a/meta/recipes-core/expat/expat/CVE-2022-23852.patch b/meta/recipes-core/expat/expat/CVE-2022-23852.patch new file mode 100644 index 0000000000..41425c108b --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-23852.patch | |||
@@ -0,0 +1,33 @@ | |||
1 | From 847a645152f5ebc10ac63b74b604d0c1a79fae40 Mon Sep 17 00:00:00 2001 | ||
2 | From: Samanta Navarro <ferivoz@riseup.net> | ||
3 | Date: Sat, 22 Jan 2022 17:48:00 +0100 | ||
4 | Subject: [PATCH] lib: Detect and prevent integer overflow in XML_GetBuffer | ||
5 | (CVE-2022-23852) | ||
6 | |||
7 | Upstream-Status: Backport: | ||
8 | https://github.com/libexpat/libexpat/commit/847a645152f5ebc10ac63b74b604d0c1a79fae40 | ||
9 | |||
10 | CVE: CVE-2022-23852 | ||
11 | |||
12 | Signed-off-by: Steve Sakoman <steve@sakoman.com> | ||
13 | |||
14 | --- | ||
15 | expat/lib/xmlparse.c | 5 +++++ | ||
16 | 1 file changed, 5 insertions(+) | ||
17 | |||
18 | diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c | ||
19 | index d54af683..5ce31402 100644 | ||
20 | --- a/lib/xmlparse.c | ||
21 | +++ b/lib/xmlparse.c | ||
22 | @@ -2067,6 +2067,11 @@ XML_GetBuffer(XML_Parser parser, int len) { | ||
23 | keep = (int)EXPAT_SAFE_PTR_DIFF(parser->m_bufferPtr, parser->m_buffer); | ||
24 | if (keep > XML_CONTEXT_BYTES) | ||
25 | keep = XML_CONTEXT_BYTES; | ||
26 | + /* Detect and prevent integer overflow */ | ||
27 | + if (keep > INT_MAX - neededSize) { | ||
28 | + parser->m_errorCode = XML_ERROR_NO_MEMORY; | ||
29 | + return NULL; | ||
30 | + } | ||
31 | neededSize += keep; | ||
32 | #endif /* defined XML_CONTEXT_BYTES */ | ||
33 | if (neededSize | ||
diff --git a/meta/recipes-core/expat/expat/CVE-2022-23990.patch b/meta/recipes-core/expat/expat/CVE-2022-23990.patch new file mode 100644 index 0000000000..c599517b3e --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-23990.patch | |||
@@ -0,0 +1,49 @@ | |||
1 | From ede41d1e186ed2aba88a06e84cac839b770af3a1 Mon Sep 17 00:00:00 2001 | ||
2 | From: Sebastian Pipping <sebastian@pipping.org> | ||
3 | Date: Wed, 26 Jan 2022 02:36:43 +0100 | ||
4 | Subject: [PATCH] lib: Prevent integer overflow in doProlog (CVE-2022-23990) | ||
5 | |||
6 | The change from "int nameLen" to "size_t nameLen" | ||
7 | addresses the overflow on "nameLen++" in code | ||
8 | "for (; name[nameLen++];)" right above the second | ||
9 | change in the patch. | ||
10 | |||
11 | Upstream-Status: Backport: | ||
12 | https://github.com/libexpat/libexpat/pull/551/commits/ede41d1e186ed2aba88a06e84cac839b770af3a1 | ||
13 | |||
14 | CVE: CVE-2022-23990 | ||
15 | |||
16 | Signed-off-by: Steve Sakoman <steve@sakoman.com> | ||
17 | |||
18 | --- | ||
19 | lib/xmlparse.c | 10 ++++++++-- | ||
20 | 1 file changed, 8 insertions(+), 2 deletions(-) | ||
21 | |||
22 | diff --git a/lib/xmlparse.c b/expat/lib/xmlparse.c | ||
23 | index 5ce31402..d1d17005 100644 | ||
24 | --- a/lib/xmlparse.c | ||
25 | +++ b/lib/xmlparse.c | ||
26 | @@ -5372,7 +5372,7 @@ doProlog(XML_Parser parser, const ENCODING *enc, const char *s, const char *end, | ||
27 | if (dtd->in_eldecl) { | ||
28 | ELEMENT_TYPE *el; | ||
29 | const XML_Char *name; | ||
30 | - int nameLen; | ||
31 | + size_t nameLen; | ||
32 | const char *nxt | ||
33 | = (quant == XML_CQUANT_NONE ? next : next - enc->minBytesPerChar); | ||
34 | int myindex = nextScaffoldPart(parser); | ||
35 | @@ -5388,7 +5388,13 @@ doProlog(XML_Parser parser, const ENCODING *enc, const char *s, const char *end, | ||
36 | nameLen = 0; | ||
37 | for (; name[nameLen++];) | ||
38 | ; | ||
39 | - dtd->contentStringLen += nameLen; | ||
40 | + | ||
41 | + /* Detect and prevent integer overflow */ | ||
42 | + if (nameLen > UINT_MAX - dtd->contentStringLen) { | ||
43 | + return XML_ERROR_NO_MEMORY; | ||
44 | + } | ||
45 | + | ||
46 | + dtd->contentStringLen += (unsigned)nameLen; | ||
47 | if (parser->m_elementDeclHandler) | ||
48 | handleDefault = XML_FALSE; | ||
49 | } | ||
diff --git a/meta/recipes-core/expat/expat/CVE-2022-25235.patch b/meta/recipes-core/expat/expat/CVE-2022-25235.patch new file mode 100644 index 0000000000..9febeae609 --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-25235.patch | |||
@@ -0,0 +1,261 @@ | |||
1 | Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/306b721] | ||
2 | CVE: CVE-2022-25235 | ||
3 | |||
4 | The commit is a merge commit, and this patch is created by: | ||
5 | |||
6 | $ git show -m -p --stat 306b72134f157bbfd1637b20a22cabf4acfa136a | ||
7 | |||
8 | Remove modification for expat/Changes which fails to be applied. | ||
9 | |||
10 | Signed-off-by: Kai Kang <kai.kang@windriver.com> | ||
11 | |||
12 | commit 306b72134f157bbfd1637b20a22cabf4acfa136a (from 2cc97e875ef84da4bcf55156c83599116f7523b4) | ||
13 | Merge: 2cc97e87 c16300f0 | ||
14 | Author: Sebastian Pipping <sebastian@pipping.org> | ||
15 | Date: Fri Feb 18 20:12:32 2022 +0100 | ||
16 | |||
17 | Merge pull request #562 from libexpat/utf8-security | ||
18 | |||
19 | [CVE-2022-25235] lib: Protect against malformed encoding (e.g. malformed UTF-8) | ||
20 | --- | ||
21 | expat/Changes | 7 ++++ | ||
22 | expat/lib/xmltok.c | 5 --- | ||
23 | expat/lib/xmltok_impl.c | 18 ++++---- | ||
24 | expat/tests/runtests.c | 109 ++++++++++++++++++++++++++++++++++++++++++++++++ | ||
25 | 4 files changed, 127 insertions(+), 12 deletions(-) | ||
26 | |||
27 | diff --git a/lib/xmltok.c b/lib/xmltok.c | ||
28 | index a72200e8..3bddf125 100644 | ||
29 | --- a/lib/xmltok.c | ||
30 | +++ b/lib/xmltok.c | ||
31 | @@ -98,11 +98,6 @@ | ||
32 | + ((((byte)[1]) & 3) << 1) + ((((byte)[2]) >> 5) & 1)] \ | ||
33 | & (1u << (((byte)[2]) & 0x1F))) | ||
34 | |||
35 | -#define UTF8_GET_NAMING(pages, p, n) \ | ||
36 | - ((n) == 2 \ | ||
37 | - ? UTF8_GET_NAMING2(pages, (const unsigned char *)(p)) \ | ||
38 | - : ((n) == 3 ? UTF8_GET_NAMING3(pages, (const unsigned char *)(p)) : 0)) | ||
39 | - | ||
40 | /* Detection of invalid UTF-8 sequences is based on Table 3.1B | ||
41 | of Unicode 3.2: http://www.unicode.org/unicode/reports/tr28/ | ||
42 | with the additional restriction of not allowing the Unicode | ||
43 | diff --git a/lib/xmltok_impl.c b/lib/xmltok_impl.c | ||
44 | index 0430591b..84ff35f9 100644 | ||
45 | --- a/lib/xmltok_impl.c | ||
46 | +++ b/lib/xmltok_impl.c | ||
47 | @@ -69,7 +69,7 @@ | ||
48 | case BT_LEAD##n: \ | ||
49 | if (end - ptr < n) \ | ||
50 | return XML_TOK_PARTIAL_CHAR; \ | ||
51 | - if (! IS_NAME_CHAR(enc, ptr, n)) { \ | ||
52 | + if (IS_INVALID_CHAR(enc, ptr, n) || ! IS_NAME_CHAR(enc, ptr, n)) { \ | ||
53 | *nextTokPtr = ptr; \ | ||
54 | return XML_TOK_INVALID; \ | ||
55 | } \ | ||
56 | @@ -98,7 +98,7 @@ | ||
57 | case BT_LEAD##n: \ | ||
58 | if (end - ptr < n) \ | ||
59 | return XML_TOK_PARTIAL_CHAR; \ | ||
60 | - if (! IS_NMSTRT_CHAR(enc, ptr, n)) { \ | ||
61 | + if (IS_INVALID_CHAR(enc, ptr, n) || ! IS_NMSTRT_CHAR(enc, ptr, n)) { \ | ||
62 | *nextTokPtr = ptr; \ | ||
63 | return XML_TOK_INVALID; \ | ||
64 | } \ | ||
65 | @@ -1142,6 +1142,10 @@ PREFIX(prologTok)(const ENCODING *enc, const char *ptr, const char *end, | ||
66 | case BT_LEAD##n: \ | ||
67 | if (end - ptr < n) \ | ||
68 | return XML_TOK_PARTIAL_CHAR; \ | ||
69 | + if (IS_INVALID_CHAR(enc, ptr, n)) { \ | ||
70 | + *nextTokPtr = ptr; \ | ||
71 | + return XML_TOK_INVALID; \ | ||
72 | + } \ | ||
73 | if (IS_NMSTRT_CHAR(enc, ptr, n)) { \ | ||
74 | ptr += n; \ | ||
75 | tok = XML_TOK_NAME; \ | ||
76 | @@ -1270,7 +1274,7 @@ PREFIX(attributeValueTok)(const ENCODING *enc, const char *ptr, const char *end, | ||
77 | switch (BYTE_TYPE(enc, ptr)) { | ||
78 | # define LEAD_CASE(n) \ | ||
79 | case BT_LEAD##n: \ | ||
80 | - ptr += n; \ | ||
81 | + ptr += n; /* NOTE: The encoding has already been validated. */ \ | ||
82 | break; | ||
83 | LEAD_CASE(2) | ||
84 | LEAD_CASE(3) | ||
85 | @@ -1339,7 +1343,7 @@ PREFIX(entityValueTok)(const ENCODING *enc, const char *ptr, const char *end, | ||
86 | switch (BYTE_TYPE(enc, ptr)) { | ||
87 | # define LEAD_CASE(n) \ | ||
88 | case BT_LEAD##n: \ | ||
89 | - ptr += n; \ | ||
90 | + ptr += n; /* NOTE: The encoding has already been validated. */ \ | ||
91 | break; | ||
92 | LEAD_CASE(2) | ||
93 | LEAD_CASE(3) | ||
94 | @@ -1518,7 +1522,7 @@ PREFIX(getAtts)(const ENCODING *enc, const char *ptr, int attsMax, | ||
95 | state = inName; \ | ||
96 | } | ||
97 | # define LEAD_CASE(n) \ | ||
98 | - case BT_LEAD##n: \ | ||
99 | + case BT_LEAD##n: /* NOTE: The encoding has already been validated. */ \ | ||
100 | START_NAME ptr += (n - MINBPC(enc)); \ | ||
101 | break; | ||
102 | LEAD_CASE(2) | ||
103 | @@ -1730,7 +1734,7 @@ PREFIX(nameLength)(const ENCODING *enc, const char *ptr) { | ||
104 | switch (BYTE_TYPE(enc, ptr)) { | ||
105 | # define LEAD_CASE(n) \ | ||
106 | case BT_LEAD##n: \ | ||
107 | - ptr += n; \ | ||
108 | + ptr += n; /* NOTE: The encoding has already been validated. */ \ | ||
109 | break; | ||
110 | LEAD_CASE(2) | ||
111 | LEAD_CASE(3) | ||
112 | @@ -1775,7 +1779,7 @@ PREFIX(updatePosition)(const ENCODING *enc, const char *ptr, const char *end, | ||
113 | switch (BYTE_TYPE(enc, ptr)) { | ||
114 | # define LEAD_CASE(n) \ | ||
115 | case BT_LEAD##n: \ | ||
116 | - ptr += n; \ | ||
117 | + ptr += n; /* NOTE: The encoding has already been validated. */ \ | ||
118 | pos->columnNumber++; \ | ||
119 | break; | ||
120 | LEAD_CASE(2) | ||
121 | diff --git a/tests/runtests.c b/tests/runtests.c | ||
122 | index bc5344b1..9b155b82 100644 | ||
123 | --- a/tests/runtests.c | ||
124 | +++ b/tests/runtests.c | ||
125 | @@ -5998,6 +5998,105 @@ START_TEST(test_utf8_in_cdata_section_2) { | ||
126 | } | ||
127 | END_TEST | ||
128 | |||
129 | +START_TEST(test_utf8_in_start_tags) { | ||
130 | + struct test_case { | ||
131 | + bool goodName; | ||
132 | + bool goodNameStart; | ||
133 | + const char *tagName; | ||
134 | + }; | ||
135 | + | ||
136 | + // The idea with the tests below is this: | ||
137 | + // We want to cover 1-, 2- and 3-byte sequences, 4-byte sequences | ||
138 | + // go to isNever and are hence not a concern. | ||
139 | + // | ||
140 | + // We start with a character that is a valid name character | ||
141 | + // (or even name-start character, see XML 1.0r4 spec) and then we flip | ||
142 | + // single bits at places where (1) the result leaves the UTF-8 encoding space | ||
143 | + // and (2) we stay in the same n-byte sequence family. | ||
144 | + // | ||
145 | + // The flipped bits are highlighted in angle brackets in comments, | ||
146 | + // e.g. "[<1>011 1001]" means we had [0011 1001] but we now flipped | ||
147 | + // the most significant bit to 1 to leave UTF-8 encoding space. | ||
148 | + struct test_case cases[] = { | ||
149 | + // 1-byte UTF-8: [0xxx xxxx] | ||
150 | + {true, true, "\x3A"}, // [0011 1010] = ASCII colon ':' | ||
151 | + {false, false, "\xBA"}, // [<1>011 1010] | ||
152 | + {true, false, "\x39"}, // [0011 1001] = ASCII nine '9' | ||
153 | + {false, false, "\xB9"}, // [<1>011 1001] | ||
154 | + | ||
155 | + // 2-byte UTF-8: [110x xxxx] [10xx xxxx] | ||
156 | + {true, true, "\xDB\xA5"}, // [1101 1011] [1010 0101] = | ||
157 | + // Arabic small waw U+06E5 | ||
158 | + {false, false, "\x9B\xA5"}, // [1<0>01 1011] [1010 0101] | ||
159 | + {false, false, "\xDB\x25"}, // [1101 1011] [<0>010 0101] | ||
160 | + {false, false, "\xDB\xE5"}, // [1101 1011] [1<1>10 0101] | ||
161 | + {true, false, "\xCC\x81"}, // [1100 1100] [1000 0001] = | ||
162 | + // combining char U+0301 | ||
163 | + {false, false, "\x8C\x81"}, // [1<0>00 1100] [1000 0001] | ||
164 | + {false, false, "\xCC\x01"}, // [1100 1100] [<0>000 0001] | ||
165 | + {false, false, "\xCC\xC1"}, // [1100 1100] [1<1>00 0001] | ||
166 | + | ||
167 | + // 3-byte UTF-8: [1110 xxxx] [10xx xxxx] [10xxxxxx] | ||
168 | + {true, true, "\xE0\xA4\x85"}, // [1110 0000] [1010 0100] [1000 0101] = | ||
169 | + // Devanagari Letter A U+0905 | ||
170 | + {false, false, "\xA0\xA4\x85"}, // [1<0>10 0000] [1010 0100] [1000 0101] | ||
171 | + {false, false, "\xE0\x24\x85"}, // [1110 0000] [<0>010 0100] [1000 0101] | ||
172 | + {false, false, "\xE0\xE4\x85"}, // [1110 0000] [1<1>10 0100] [1000 0101] | ||
173 | + {false, false, "\xE0\xA4\x05"}, // [1110 0000] [1010 0100] [<0>000 0101] | ||
174 | + {false, false, "\xE0\xA4\xC5"}, // [1110 0000] [1010 0100] [1<1>00 0101] | ||
175 | + {true, false, "\xE0\xA4\x81"}, // [1110 0000] [1010 0100] [1000 0001] = | ||
176 | + // combining char U+0901 | ||
177 | + {false, false, "\xA0\xA4\x81"}, // [1<0>10 0000] [1010 0100] [1000 0001] | ||
178 | + {false, false, "\xE0\x24\x81"}, // [1110 0000] [<0>010 0100] [1000 0001] | ||
179 | + {false, false, "\xE0\xE4\x81"}, // [1110 0000] [1<1>10 0100] [1000 0001] | ||
180 | + {false, false, "\xE0\xA4\x01"}, // [1110 0000] [1010 0100] [<0>000 0001] | ||
181 | + {false, false, "\xE0\xA4\xC1"}, // [1110 0000] [1010 0100] [1<1>00 0001] | ||
182 | + }; | ||
183 | + const bool atNameStart[] = {true, false}; | ||
184 | + | ||
185 | + size_t i = 0; | ||
186 | + char doc[1024]; | ||
187 | + size_t failCount = 0; | ||
188 | + | ||
189 | + for (; i < sizeof(cases) / sizeof(cases[0]); i++) { | ||
190 | + size_t j = 0; | ||
191 | + for (; j < sizeof(atNameStart) / sizeof(atNameStart[0]); j++) { | ||
192 | + const bool expectedSuccess | ||
193 | + = atNameStart[j] ? cases[i].goodNameStart : cases[i].goodName; | ||
194 | + sprintf(doc, "<%s%s><!--", atNameStart[j] ? "" : "a", cases[i].tagName); | ||
195 | + XML_Parser parser = XML_ParserCreate(NULL); | ||
196 | + | ||
197 | + const enum XML_Status status | ||
198 | + = XML_Parse(parser, doc, (int)strlen(doc), /*isFinal=*/XML_FALSE); | ||
199 | + | ||
200 | + bool success = true; | ||
201 | + if ((status == XML_STATUS_OK) != expectedSuccess) { | ||
202 | + success = false; | ||
203 | + } | ||
204 | + if ((status == XML_STATUS_ERROR) | ||
205 | + && (XML_GetErrorCode(parser) != XML_ERROR_INVALID_TOKEN)) { | ||
206 | + success = false; | ||
207 | + } | ||
208 | + | ||
209 | + if (! success) { | ||
210 | + fprintf( | ||
211 | + stderr, | ||
212 | + "FAIL case %2u (%sat name start, %u-byte sequence, error code %d)\n", | ||
213 | + (unsigned)i + 1u, atNameStart[j] ? " " : "not ", | ||
214 | + (unsigned)strlen(cases[i].tagName), XML_GetErrorCode(parser)); | ||
215 | + failCount++; | ||
216 | + } | ||
217 | + | ||
218 | + XML_ParserFree(parser); | ||
219 | + } | ||
220 | + } | ||
221 | + | ||
222 | + if (failCount > 0) { | ||
223 | + fail("UTF-8 regression detected"); | ||
224 | + } | ||
225 | +} | ||
226 | +END_TEST | ||
227 | + | ||
228 | /* Test trailing spaces in elements are accepted */ | ||
229 | static void XMLCALL | ||
230 | record_element_end_handler(void *userData, const XML_Char *name) { | ||
231 | @@ -6175,6 +6274,14 @@ START_TEST(test_bad_doctype) { | ||
232 | } | ||
233 | END_TEST | ||
234 | |||
235 | +START_TEST(test_bad_doctype_utf8) { | ||
236 | + const char *text = "<!DOCTYPE \xDB\x25" | ||
237 | + "doc><doc/>"; // [1101 1011] [<0>010 0101] | ||
238 | + expect_failure(text, XML_ERROR_INVALID_TOKEN, | ||
239 | + "Invalid UTF-8 in DOCTYPE not faulted"); | ||
240 | +} | ||
241 | +END_TEST | ||
242 | + | ||
243 | START_TEST(test_bad_doctype_utf16) { | ||
244 | const char text[] = | ||
245 | /* <!DOCTYPE doc [ \x06f2 ]><doc/> | ||
246 | @@ -11870,6 +11977,7 @@ make_suite(void) { | ||
247 | tcase_add_test(tc_basic, test_ext_entity_utf8_non_bom); | ||
248 | tcase_add_test(tc_basic, test_utf8_in_cdata_section); | ||
249 | tcase_add_test(tc_basic, test_utf8_in_cdata_section_2); | ||
250 | + tcase_add_test(tc_basic, test_utf8_in_start_tags); | ||
251 | tcase_add_test(tc_basic, test_trailing_spaces_in_elements); | ||
252 | tcase_add_test(tc_basic, test_utf16_attribute); | ||
253 | tcase_add_test(tc_basic, test_utf16_second_attr); | ||
254 | @@ -11878,6 +11986,7 @@ make_suite(void) { | ||
255 | tcase_add_test(tc_basic, test_bad_attr_desc_keyword); | ||
256 | tcase_add_test(tc_basic, test_bad_attr_desc_keyword_utf16); | ||
257 | tcase_add_test(tc_basic, test_bad_doctype); | ||
258 | + tcase_add_test(tc_basic, test_bad_doctype_utf8); | ||
259 | tcase_add_test(tc_basic, test_bad_doctype_utf16); | ||
260 | tcase_add_test(tc_basic, test_bad_doctype_plus); | ||
261 | tcase_add_test(tc_basic, test_bad_doctype_star); | ||
diff --git a/meta/recipes-core/expat/expat/CVE-2022-25236-1.patch b/meta/recipes-core/expat/expat/CVE-2022-25236-1.patch new file mode 100644 index 0000000000..ab53d99c8f --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-25236-1.patch | |||
@@ -0,0 +1,116 @@ | |||
1 | Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/2cc97e87] | ||
2 | CVE: CVE-2022-25236 | ||
3 | |||
4 | The commit is a merge commit, and this patch is created by: | ||
5 | |||
6 | $ git diff -p --stat 2cc97e87~ 2cc97e87 | ||
7 | |||
8 | Remove modification for expat/Changes which fails to be applied. | ||
9 | |||
10 | Signed-off-by: Kai Kang <kai.kang@windriver.com> | ||
11 | |||
12 | commit 2cc97e875ef84da4bcf55156c83599116f7523b4 (from d477fdd284468f2ab822024e75702f2c1b254f42) | ||
13 | Merge: d477fdd2 e4d7e497 | ||
14 | Author: Sebastian Pipping <sebastian@pipping.org> | ||
15 | Date: Fri Feb 18 18:01:27 2022 +0100 | ||
16 | |||
17 | Merge pull request #561 from libexpat/namesep-security | ||
18 | |||
19 | [CVE-2022-25236] lib: Protect against insertion of namesep characters into namespace URIs | ||
20 | |||
21 | --- | ||
22 | expat/Changes | 16 ++++++++++++++++ | ||
23 | expat/lib/xmlparse.c | 17 +++++++++++++---- | ||
24 | expat/tests/runtests.c | 30 ++++++++++++++++++++++++++++++ | ||
25 | 3 files changed, 59 insertions(+), 4 deletions(-) | ||
26 | |||
27 | diff --git a/lib/xmlparse.c b/lib/xmlparse.c | ||
28 | index 7376aab1..c98e2e9f 100644 | ||
29 | --- a/lib/xmlparse.c | ||
30 | +++ b/lib/xmlparse.c | ||
31 | @@ -718,8 +718,7 @@ XML_ParserCreate(const XML_Char *encodingName) { | ||
32 | |||
33 | XML_Parser XMLCALL | ||
34 | XML_ParserCreateNS(const XML_Char *encodingName, XML_Char nsSep) { | ||
35 | - XML_Char tmp[2]; | ||
36 | - *tmp = nsSep; | ||
37 | + XML_Char tmp[2] = {nsSep, 0}; | ||
38 | return XML_ParserCreate_MM(encodingName, NULL, tmp); | ||
39 | } | ||
40 | |||
41 | @@ -1344,8 +1343,7 @@ XML_ExternalEntityParserCreate(XML_Parser oldParser, const XML_Char *context, | ||
42 | would be otherwise. | ||
43 | */ | ||
44 | if (parser->m_ns) { | ||
45 | - XML_Char tmp[2]; | ||
46 | - *tmp = parser->m_namespaceSeparator; | ||
47 | + XML_Char tmp[2] = {parser->m_namespaceSeparator, 0}; | ||
48 | parser = parserCreate(encodingName, &parser->m_mem, tmp, newDtd); | ||
49 | } else { | ||
50 | parser = parserCreate(encodingName, &parser->m_mem, NULL, newDtd); | ||
51 | @@ -3761,6 +3759,17 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId, | ||
52 | if (! mustBeXML && isXMLNS | ||
53 | && (len > xmlnsLen || uri[len] != xmlnsNamespace[len])) | ||
54 | isXMLNS = XML_FALSE; | ||
55 | + | ||
56 | + // NOTE: While Expat does not validate namespace URIs against RFC 3986, | ||
57 | + // we have to at least make sure that the XML processor on top of | ||
58 | + // Expat (that is splitting tag names by namespace separator into | ||
59 | + // 2- or 3-tuples (uri-local or uri-local-prefix)) cannot be confused | ||
60 | + // by an attacker putting additional namespace separator characters | ||
61 | + // into namespace declarations. That would be ambiguous and not to | ||
62 | + // be expected. | ||
63 | + if (parser->m_ns && (uri[len] == parser->m_namespaceSeparator)) { | ||
64 | + return XML_ERROR_SYNTAX; | ||
65 | + } | ||
66 | } | ||
67 | isXML = isXML && len == xmlLen; | ||
68 | isXMLNS = isXMLNS && len == xmlnsLen; | ||
69 | diff --git a/tests/runtests.c b/tests/runtests.c | ||
70 | index d07203f2..bc5344b1 100644 | ||
71 | --- a/tests/runtests.c | ||
72 | +++ b/tests/runtests.c | ||
73 | @@ -7220,6 +7220,35 @@ START_TEST(test_ns_double_colon_doctype) { | ||
74 | } | ||
75 | END_TEST | ||
76 | |||
77 | +START_TEST(test_ns_separator_in_uri) { | ||
78 | + struct test_case { | ||
79 | + enum XML_Status expectedStatus; | ||
80 | + const char *doc; | ||
81 | + }; | ||
82 | + struct test_case cases[] = { | ||
83 | + {XML_STATUS_OK, "<doc xmlns='one_two' />"}, | ||
84 | + {XML_STATUS_ERROR, "<doc xmlns='one
two' />"}, | ||
85 | + }; | ||
86 | + | ||
87 | + size_t i = 0; | ||
88 | + size_t failCount = 0; | ||
89 | + for (; i < sizeof(cases) / sizeof(cases[0]); i++) { | ||
90 | + XML_Parser parser = XML_ParserCreateNS(NULL, '\n'); | ||
91 | + XML_SetElementHandler(parser, dummy_start_element, dummy_end_element); | ||
92 | + if (XML_Parse(parser, cases[i].doc, (int)strlen(cases[i].doc), | ||
93 | + /*isFinal*/ XML_TRUE) | ||
94 | + != cases[i].expectedStatus) { | ||
95 | + failCount++; | ||
96 | + } | ||
97 | + XML_ParserFree(parser); | ||
98 | + } | ||
99 | + | ||
100 | + if (failCount) { | ||
101 | + fail("Namespace separator handling is broken"); | ||
102 | + } | ||
103 | +} | ||
104 | +END_TEST | ||
105 | + | ||
106 | /* Control variable; the number of times duff_allocator() will successfully | ||
107 | * allocate */ | ||
108 | #define ALLOC_ALWAYS_SUCCEED (-1) | ||
109 | @@ -11905,6 +11934,7 @@ make_suite(void) { | ||
110 | tcase_add_test(tc_namespace, test_ns_utf16_doctype); | ||
111 | tcase_add_test(tc_namespace, test_ns_invalid_doctype); | ||
112 | tcase_add_test(tc_namespace, test_ns_double_colon_doctype); | ||
113 | + tcase_add_test(tc_namespace, test_ns_separator_in_uri); | ||
114 | |||
115 | suite_add_tcase(s, tc_misc); | ||
116 | tcase_add_checked_fixture(tc_misc, NULL, basic_teardown); | ||
diff --git a/meta/recipes-core/expat/expat/CVE-2022-25236-2.patch b/meta/recipes-core/expat/expat/CVE-2022-25236-2.patch new file mode 100644 index 0000000000..0f14c9631b --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-25236-2.patch | |||
@@ -0,0 +1,232 @@ | |||
1 | Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/f178826b] | ||
2 | CVE: CVE-2022-25236 | ||
3 | |||
4 | The commit is a merge commit, and this patch is created by: | ||
5 | |||
6 | $ git show -m -p --stat f178826b | ||
7 | |||
8 | Remove changes for expat/Changes and reference.html which fail to be applied. | ||
9 | |||
10 | Signed-off-by: Kai Kang <kai.kang@windriver.com> | ||
11 | |||
12 | commit f178826bb1e9c8ee23202f1be55ad4ac7b649e84 (from c99e0e7f2b15b48848038992ecbb4480f957cfe9) | ||
13 | Merge: c99e0e7f 9579f7ea | ||
14 | Author: Sebastian Pipping <sebastian@pipping.org> | ||
15 | Date: Fri Mar 4 18:43:39 2022 +0100 | ||
16 | |||
17 | Merge pull request #577 from libexpat/namesep | ||
18 | |||
19 | lib: Relax fix to CVE-2022-25236 with regard to RFC 3986 URI characters (fixes #572) | ||
20 | --- | ||
21 | expat/Changes | 16 ++++++ | ||
22 | expat/doc/reference.html | 8 +++ | ||
23 | expat/lib/expat.h | 11 ++++ | ||
24 | expat/lib/xmlparse.c | 139 ++++++++++++++++++++++++++++++++++++++++++++--- | ||
25 | expat/tests/runtests.c | 8 ++- | ||
26 | 5 files changed, 171 insertions(+), 11 deletions(-) | ||
27 | |||
28 | diff --git a/lib/expat.h b/lib/expat.h | ||
29 | index 5ab493f7..181fc960 100644 | ||
30 | --- a/lib/expat.h | ||
31 | +++ b/lib/expat.h | ||
32 | @@ -239,6 +239,17 @@ XML_ParserCreate(const XML_Char *encoding); | ||
33 | and the local part will be concatenated without any separator. | ||
34 | It is a programming error to use the separator '\0' with namespace | ||
35 | triplets (see XML_SetReturnNSTriplet). | ||
36 | + If a namespace separator is chosen that can be part of a URI or | ||
37 | + part of an XML name, splitting an expanded name back into its | ||
38 | + 1, 2 or 3 original parts on application level in the element handler | ||
39 | + may end up vulnerable, so these are advised against; sane choices for | ||
40 | + a namespace separator are e.g. '\n' (line feed) and '|' (pipe). | ||
41 | + | ||
42 | + Note that Expat does not validate namespace URIs (beyond encoding) | ||
43 | + against RFC 3986 today (and is not required to do so with regard to | ||
44 | + the XML 1.0 namespaces specification) but it may start doing that | ||
45 | + in future releases. Before that, an application using Expat must | ||
46 | + be ready to receive namespace URIs containing non-URI characters. | ||
47 | */ | ||
48 | XMLPARSEAPI(XML_Parser) | ||
49 | XML_ParserCreateNS(const XML_Char *encoding, XML_Char namespaceSeparator); | ||
50 | diff --git a/lib/xmlparse.c b/lib/xmlparse.c | ||
51 | index 59da19c8..6fe2cf1e 100644 | ||
52 | --- a/lib/xmlparse.c | ||
53 | +++ b/lib/xmlparse.c | ||
54 | @@ -3705,6 +3705,117 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr, | ||
55 | return XML_ERROR_NONE; | ||
56 | } | ||
57 | |||
58 | +static XML_Bool | ||
59 | +is_rfc3986_uri_char(XML_Char candidate) { | ||
60 | + // For the RFC 3986 ANBF grammar see | ||
61 | + // https://datatracker.ietf.org/doc/html/rfc3986#appendix-A | ||
62 | + | ||
63 | + switch (candidate) { | ||
64 | + // From rule "ALPHA" (uppercase half) | ||
65 | + case 'A': | ||
66 | + case 'B': | ||
67 | + case 'C': | ||
68 | + case 'D': | ||
69 | + case 'E': | ||
70 | + case 'F': | ||
71 | + case 'G': | ||
72 | + case 'H': | ||
73 | + case 'I': | ||
74 | + case 'J': | ||
75 | + case 'K': | ||
76 | + case 'L': | ||
77 | + case 'M': | ||
78 | + case 'N': | ||
79 | + case 'O': | ||
80 | + case 'P': | ||
81 | + case 'Q': | ||
82 | + case 'R': | ||
83 | + case 'S': | ||
84 | + case 'T': | ||
85 | + case 'U': | ||
86 | + case 'V': | ||
87 | + case 'W': | ||
88 | + case 'X': | ||
89 | + case 'Y': | ||
90 | + case 'Z': | ||
91 | + | ||
92 | + // From rule "ALPHA" (lowercase half) | ||
93 | + case 'a': | ||
94 | + case 'b': | ||
95 | + case 'c': | ||
96 | + case 'd': | ||
97 | + case 'e': | ||
98 | + case 'f': | ||
99 | + case 'g': | ||
100 | + case 'h': | ||
101 | + case 'i': | ||
102 | + case 'j': | ||
103 | + case 'k': | ||
104 | + case 'l': | ||
105 | + case 'm': | ||
106 | + case 'n': | ||
107 | + case 'o': | ||
108 | + case 'p': | ||
109 | + case 'q': | ||
110 | + case 'r': | ||
111 | + case 's': | ||
112 | + case 't': | ||
113 | + case 'u': | ||
114 | + case 'v': | ||
115 | + case 'w': | ||
116 | + case 'x': | ||
117 | + case 'y': | ||
118 | + case 'z': | ||
119 | + | ||
120 | + // From rule "DIGIT" | ||
121 | + case '0': | ||
122 | + case '1': | ||
123 | + case '2': | ||
124 | + case '3': | ||
125 | + case '4': | ||
126 | + case '5': | ||
127 | + case '6': | ||
128 | + case '7': | ||
129 | + case '8': | ||
130 | + case '9': | ||
131 | + | ||
132 | + // From rule "pct-encoded" | ||
133 | + case '%': | ||
134 | + | ||
135 | + // From rule "unreserved" | ||
136 | + case '-': | ||
137 | + case '.': | ||
138 | + case '_': | ||
139 | + case '~': | ||
140 | + | ||
141 | + // From rule "gen-delims" | ||
142 | + case ':': | ||
143 | + case '/': | ||
144 | + case '?': | ||
145 | + case '#': | ||
146 | + case '[': | ||
147 | + case ']': | ||
148 | + case '@': | ||
149 | + | ||
150 | + // From rule "sub-delims" | ||
151 | + case '!': | ||
152 | + case '$': | ||
153 | + case '&': | ||
154 | + case '\'': | ||
155 | + case '(': | ||
156 | + case ')': | ||
157 | + case '*': | ||
158 | + case '+': | ||
159 | + case ',': | ||
160 | + case ';': | ||
161 | + case '=': | ||
162 | + return XML_TRUE; | ||
163 | + | ||
164 | + default: | ||
165 | + return XML_FALSE; | ||
166 | + } | ||
167 | +} | ||
168 | + | ||
169 | /* addBinding() overwrites the value of prefix->binding without checking. | ||
170 | Therefore one must keep track of the old value outside of addBinding(). | ||
171 | */ | ||
172 | @@ -3763,14 +3874,26 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId, | ||
173 | && (len > xmlnsLen || uri[len] != xmlnsNamespace[len])) | ||
174 | isXMLNS = XML_FALSE; | ||
175 | |||
176 | - // NOTE: While Expat does not validate namespace URIs against RFC 3986, | ||
177 | - // we have to at least make sure that the XML processor on top of | ||
178 | - // Expat (that is splitting tag names by namespace separator into | ||
179 | - // 2- or 3-tuples (uri-local or uri-local-prefix)) cannot be confused | ||
180 | - // by an attacker putting additional namespace separator characters | ||
181 | - // into namespace declarations. That would be ambiguous and not to | ||
182 | - // be expected. | ||
183 | - if (parser->m_ns && (uri[len] == parser->m_namespaceSeparator)) { | ||
184 | + // NOTE: While Expat does not validate namespace URIs against RFC 3986 | ||
185 | + // today (and is not REQUIRED to do so with regard to the XML 1.0 | ||
186 | + // namespaces specification) we have to at least make sure, that | ||
187 | + // the application on top of Expat (that is likely splitting expanded | ||
188 | + // element names ("qualified names") of form | ||
189 | + // "[uri sep] local [sep prefix] '\0'" back into 1, 2 or 3 pieces | ||
190 | + // in its element handler code) cannot be confused by an attacker | ||
191 | + // putting additional namespace separator characters into namespace | ||
192 | + // declarations. That would be ambiguous and not to be expected. | ||
193 | + // | ||
194 | + // While the HTML API docs of function XML_ParserCreateNS have been | ||
195 | + // advising against use of a namespace separator character that can | ||
196 | + // appear in a URI for >20 years now, some widespread applications | ||
197 | + // are using URI characters (':' (colon) in particular) for a | ||
198 | + // namespace separator, in practice. To keep these applications | ||
199 | + // functional, we only reject namespaces URIs containing the | ||
200 | + // application-chosen namespace separator if the chosen separator | ||
201 | + // is a non-URI character with regard to RFC 3986. | ||
202 | + if (parser->m_ns && (uri[len] == parser->m_namespaceSeparator) | ||
203 | + && ! is_rfc3986_uri_char(uri[len])) { | ||
204 | return XML_ERROR_SYNTAX; | ||
205 | } | ||
206 | } | ||
207 | diff --git a/tests/runtests.c b/tests/runtests.c | ||
208 | index 60da868e..712706c4 100644 | ||
209 | --- a/tests/runtests.c | ||
210 | +++ b/tests/runtests.c | ||
211 | @@ -7406,16 +7406,18 @@ START_TEST(test_ns_separator_in_uri) { | ||
212 | struct test_case { | ||
213 | enum XML_Status expectedStatus; | ||
214 | const char *doc; | ||
215 | + XML_Char namesep; | ||
216 | }; | ||
217 | struct test_case cases[] = { | ||
218 | - {XML_STATUS_OK, "<doc xmlns='one_two' />"}, | ||
219 | - {XML_STATUS_ERROR, "<doc xmlns='one
two' />"}, | ||
220 | + {XML_STATUS_OK, "<doc xmlns='one_two' />", XCS('\n')}, | ||
221 | + {XML_STATUS_ERROR, "<doc xmlns='one
two' />", XCS('\n')}, | ||
222 | + {XML_STATUS_OK, "<doc xmlns='one:two' />", XCS(':')}, | ||
223 | }; | ||
224 | |||
225 | size_t i = 0; | ||
226 | size_t failCount = 0; | ||
227 | for (; i < sizeof(cases) / sizeof(cases[0]); i++) { | ||
228 | - XML_Parser parser = XML_ParserCreateNS(NULL, '\n'); | ||
229 | + XML_Parser parser = XML_ParserCreateNS(NULL, cases[i].namesep); | ||
230 | XML_SetElementHandler(parser, dummy_start_element, dummy_end_element); | ||
231 | if (XML_Parse(parser, cases[i].doc, (int)strlen(cases[i].doc), | ||
232 | /*isFinal*/ XML_TRUE) | ||
diff --git a/meta/recipes-core/expat/expat_2.2.10.bb b/meta/recipes-core/expat/expat_2.2.10.bb index 08e8ff1cea..f99fa7edb6 100644 --- a/meta/recipes-core/expat/expat_2.2.10.bb +++ b/meta/recipes-core/expat/expat_2.2.10.bb | |||
@@ -10,9 +10,17 @@ VERSION_TAG = "${@d.getVar('PV').replace('.', '_')}" | |||
10 | 10 | ||
11 | SRC_URI = "https://github.com/libexpat/libexpat/releases/download/R_${VERSION_TAG}/expat-${PV}.tar.bz2 \ | 11 | SRC_URI = "https://github.com/libexpat/libexpat/releases/download/R_${VERSION_TAG}/expat-${PV}.tar.bz2 \ |
12 | file://libtool-tag.patch \ | 12 | file://libtool-tag.patch \ |
13 | file://run-ptest \ | 13 | file://run-ptest \ |
14 | file://0001-Add-output-of-tests-result.patch \ | 14 | file://0001-Add-output-of-tests-result.patch \ |
15 | " | 15 | file://CVE-2022-22822-27.patch \ |
16 | file://CVE-2021-45960.patch \ | ||
17 | file://CVE-2021-46143.patch \ | ||
18 | file://CVE-2022-23852.patch \ | ||
19 | file://CVE-2022-23990.patch \ | ||
20 | file://CVE-2022-25235.patch \ | ||
21 | file://CVE-2022-25236-1.patch \ | ||
22 | file://CVE-2022-25236-2.patch \ | ||
23 | " | ||
16 | 24 | ||
17 | UPSTREAM_CHECK_URI = "https://github.com/libexpat/libexpat/releases/" | 25 | UPSTREAM_CHECK_URI = "https://github.com/libexpat/libexpat/releases/" |
18 | 26 | ||
diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc index 4d69187961..e1eefdee49 100644 --- a/meta/recipes-core/glibc/glibc-version.inc +++ b/meta/recipes-core/glibc/glibc-version.inc | |||
@@ -1,6 +1,6 @@ | |||
1 | SRCBRANCH ?= "release/2.33/master" | 1 | SRCBRANCH ?= "release/2.33/master" |
2 | PV = "2.33" | 2 | PV = "2.33" |
3 | SRCREV_glibc ?= "6090cf1330faf2deb17285758f327cb23b89ebf1" | 3 | SRCREV_glibc ?= "3e2a15c666e40e5ee740e5079c56d83469280323" |
4 | SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28" | 4 | SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28" |
5 | 5 | ||
6 | GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git" | 6 | GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git" |
diff --git a/meta/recipes-core/glibc/glibc_2.33.bb b/meta/recipes-core/glibc/glibc_2.33.bb index ad5e2b8eb1..a1e9eb3a16 100644 --- a/meta/recipes-core/glibc/glibc_2.33.bb +++ b/meta/recipes-core/glibc/glibc_2.33.bb | |||
@@ -88,7 +88,7 @@ EXTRA_OECONF = "--enable-kernel=${OLDEST_KERNEL} \ | |||
88 | 88 | ||
89 | EXTRA_OECONF += "${@get_libc_fpu_setting(bb, d)}" | 89 | EXTRA_OECONF += "${@get_libc_fpu_setting(bb, d)}" |
90 | 90 | ||
91 | EXTRA_OECONF_append_x86 = " --enable-cet" | 91 | EXTRA_OECONF_append_x86 = " ${@bb.utils.contains_any('TUNE_FEATURES', 'i586 c3', '--disable-cet', '--enable-cet', d)}" |
92 | EXTRA_OECONF_append_x86-64 = " --enable-cet" | 92 | EXTRA_OECONF_append_x86-64 = " --enable-cet" |
93 | 93 | ||
94 | PACKAGECONFIG ??= "nscd" | 94 | PACKAGECONFIG ??= "nscd" |
diff --git a/meta/recipes-core/images/build-appliance-image_15.0.0.bb b/meta/recipes-core/images/build-appliance-image_15.0.0.bb index 455fe825c8..5631cd8ae6 100644 --- a/meta/recipes-core/images/build-appliance-image_15.0.0.bb +++ b/meta/recipes-core/images/build-appliance-image_15.0.0.bb | |||
@@ -24,7 +24,7 @@ IMAGE_FSTYPES = "wic.vmdk wic.vhd wic.vhdx" | |||
24 | 24 | ||
25 | inherit core-image setuptools3 | 25 | inherit core-image setuptools3 |
26 | 26 | ||
27 | SRCREV ?= "ec3ac9d883d53ebbf3c6b9a80694df69c9e9ccc7" | 27 | SRCREV ?= "2954fa87a4d325f1a3c722d6fb8bf13b17f9e7a0" |
28 | SRC_URI = "git://git.yoctoproject.org/poky;branch=hardknott \ | 28 | SRC_URI = "git://git.yoctoproject.org/poky;branch=hardknott \ |
29 | file://Yocto_Build_Appliance.vmx \ | 29 | file://Yocto_Build_Appliance.vmx \ |
30 | file://Yocto_Build_Appliance.vmxf \ | 30 | file://Yocto_Build_Appliance.vmxf \ |
diff --git a/meta/recipes-core/initrdscripts/initramfs-framework/finish b/meta/recipes-core/initrdscripts/initramfs-framework/finish index 717383ebac..f08a920867 100755 --- a/meta/recipes-core/initrdscripts/initramfs-framework/finish +++ b/meta/recipes-core/initrdscripts/initramfs-framework/finish | |||
@@ -12,6 +12,18 @@ finish_run() { | |||
12 | fatal "ERROR: There's no '/dev' on rootfs." | 12 | fatal "ERROR: There's no '/dev' on rootfs." |
13 | fi | 13 | fi |
14 | 14 | ||
15 | # Unmount anything that was automounted by busybox via mdev-mount.sh. | ||
16 | # We're about to switch_root, and leaving anything mounted will prevent | ||
17 | # the next rootfs from modifying the block device. Ignore ROOT_DISK, | ||
18 | # if it was set by setup-live, because it'll be mounted over loopback | ||
19 | # to ROOTFS_DIR. | ||
20 | local dev | ||
21 | for dev in /run/media/*; do | ||
22 | if mountpoint -q "${dev}" && [ "${dev##*/}" != "${ROOT_DISK}" ]; then | ||
23 | umount -f "${dev}" || debug "Failed to unmount ${dev}" | ||
24 | fi | ||
25 | done | ||
26 | |||
15 | info "Switching root to '$ROOTFS_DIR'..." | 27 | info "Switching root to '$ROOTFS_DIR'..." |
16 | 28 | ||
17 | debug "Moving /dev, /proc and /sys onto rootfs..." | 29 | debug "Moving /dev, /proc and /sys onto rootfs..." |
diff --git a/meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch b/meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch new file mode 100644 index 0000000000..eefecb9adb --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch | |||
@@ -0,0 +1,99 @@ | |||
1 | From 646fe48d1c8a74310c409ddf81fe7df6700052af Mon Sep 17 00:00:00 2001 | ||
2 | From: Nick Wellnhofer <wellnhofer@aevum.de> | ||
3 | Date: Tue, 22 Feb 2022 11:51:08 +0100 | ||
4 | Subject: [PATCH] Fix --without-valid build | ||
5 | |||
6 | Regressed in commit 652dd12a. | ||
7 | --- | ||
8 | valid.c | 58 ++++++++++++++++++++++++++++----------------------------- | ||
9 | 1 file changed, 29 insertions(+), 29 deletions(-) | ||
10 | --- | ||
11 | |||
12 | From https://github.com/GNOME/libxml2.git | ||
13 | commit 646fe48d1c8a74310c409ddf81fe7df6700052af | ||
14 | |||
15 | CVE: CVE-2022-23308 | ||
16 | Upstream-status: Backport | ||
17 | |||
18 | Signed-off-by: Joe Slater <joe.slater@windriver.com> | ||
19 | |||
20 | |||
21 | diff --git a/valid.c b/valid.c | ||
22 | index 8e596f1d..9684683a 100644 | ||
23 | --- a/valid.c | ||
24 | +++ b/valid.c | ||
25 | @@ -479,35 +479,6 @@ nodeVPop(xmlValidCtxtPtr ctxt) | ||
26 | return (ret); | ||
27 | } | ||
28 | |||
29 | -/** | ||
30 | - * xmlValidNormalizeString: | ||
31 | - * @str: a string | ||
32 | - * | ||
33 | - * Normalize a string in-place. | ||
34 | - */ | ||
35 | -static void | ||
36 | -xmlValidNormalizeString(xmlChar *str) { | ||
37 | - xmlChar *dst; | ||
38 | - const xmlChar *src; | ||
39 | - | ||
40 | - if (str == NULL) | ||
41 | - return; | ||
42 | - src = str; | ||
43 | - dst = str; | ||
44 | - | ||
45 | - while (*src == 0x20) src++; | ||
46 | - while (*src != 0) { | ||
47 | - if (*src == 0x20) { | ||
48 | - while (*src == 0x20) src++; | ||
49 | - if (*src != 0) | ||
50 | - *dst++ = 0x20; | ||
51 | - } else { | ||
52 | - *dst++ = *src++; | ||
53 | - } | ||
54 | - } | ||
55 | - *dst = 0; | ||
56 | -} | ||
57 | - | ||
58 | #ifdef DEBUG_VALID_ALGO | ||
59 | static void | ||
60 | xmlValidPrintNode(xmlNodePtr cur) { | ||
61 | @@ -2636,6 +2607,35 @@ xmlDumpNotationTable(xmlBufferPtr buf, xmlNotationTablePtr table) { | ||
62 | (xmlDictOwns(dict, (const xmlChar *)(str)) == 0))) \ | ||
63 | xmlFree((char *)(str)); | ||
64 | |||
65 | +/** | ||
66 | + * xmlValidNormalizeString: | ||
67 | + * @str: a string | ||
68 | + * | ||
69 | + * Normalize a string in-place. | ||
70 | + */ | ||
71 | +static void | ||
72 | +xmlValidNormalizeString(xmlChar *str) { | ||
73 | + xmlChar *dst; | ||
74 | + const xmlChar *src; | ||
75 | + | ||
76 | + if (str == NULL) | ||
77 | + return; | ||
78 | + src = str; | ||
79 | + dst = str; | ||
80 | + | ||
81 | + while (*src == 0x20) src++; | ||
82 | + while (*src != 0) { | ||
83 | + if (*src == 0x20) { | ||
84 | + while (*src == 0x20) src++; | ||
85 | + if (*src != 0) | ||
86 | + *dst++ = 0x20; | ||
87 | + } else { | ||
88 | + *dst++ = *src++; | ||
89 | + } | ||
90 | + } | ||
91 | + *dst = 0; | ||
92 | +} | ||
93 | + | ||
94 | static int | ||
95 | xmlIsStreaming(xmlValidCtxtPtr ctxt) { | ||
96 | xmlParserCtxtPtr pctxt; | ||
97 | -- | ||
98 | 2.35.1 | ||
99 | |||
diff --git a/meta/recipes-core/libxml/libxml2/CVE-2022-23308.patch b/meta/recipes-core/libxml/libxml2/CVE-2022-23308.patch new file mode 100644 index 0000000000..708a98b45a --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/CVE-2022-23308.patch | |||
@@ -0,0 +1,209 @@ | |||
1 | From 652dd12a858989b14eed4e84e453059cd3ba340e Mon Sep 17 00:00:00 2001 | ||
2 | From: Nick Wellnhofer <wellnhofer@aevum.de> | ||
3 | Date: Tue, 8 Feb 2022 03:29:24 +0100 | ||
4 | Subject: [PATCH] [CVE-2022-23308] Use-after-free of ID and IDREF attributes | ||
5 | |||
6 | If a document is parsed with XML_PARSE_DTDVALID and without | ||
7 | XML_PARSE_NOENT, the value of ID attributes has to be normalized after | ||
8 | potentially expanding entities in xmlRemoveID. Otherwise, later calls | ||
9 | to xmlGetID can return a pointer to previously freed memory. | ||
10 | |||
11 | ID attributes which are empty or contain only whitespace after | ||
12 | entity expansion are affected in a similar way. This is fixed by | ||
13 | not storing such attributes in the ID table. | ||
14 | |||
15 | The test to detect streaming mode when validating against a DTD was | ||
16 | broken. In connection with the defects above, this could result in a | ||
17 | use-after-free when using the xmlReader interface with validation. | ||
18 | Fix detection of streaming mode to avoid similar issues. (This changes | ||
19 | the expected result of a test case. But as far as I can tell, using the | ||
20 | XML reader with XIncludes referencing the root document never worked | ||
21 | properly, anyway.) | ||
22 | |||
23 | All of these issues can result in denial of service. Using xmlReader | ||
24 | with validation could result in disclosure of memory via the error | ||
25 | channel, typically stderr. The security impact of xmlGetID returning | ||
26 | a pointer to freed memory depends on the application. The typical use | ||
27 | case of calling xmlGetID on an unmodified document is not affected. | ||
28 | --- | ||
29 | result/XInclude/ns1.xml.rdr | 2 +- | ||
30 | valid.c | 88 +++++++++++++++++++++++-------------- | ||
31 | 2 files changed, 56 insertions(+), 34 deletions(-) | ||
32 | --- | ||
33 | |||
34 | From https://github.com/GNOME/libxml2.git | ||
35 | commit 652dd12a858989b14eed4e84e453059cd3ba340e | ||
36 | |||
37 | Remove patch to ns1.xml.rdr which does not exist in version 2.9.10. | ||
38 | |||
39 | CVE: CVE-2022-23308 | ||
40 | Upstream-status: Backport | ||
41 | |||
42 | Signed-off-by: Joe Slater <joe.slater@windriver.com> | ||
43 | |||
44 | |||
45 | diff --git a/valid.c b/valid.c | ||
46 | index 5ee391c0..8e596f1d 100644 | ||
47 | --- a/valid.c | ||
48 | +++ b/valid.c | ||
49 | @@ -479,6 +479,35 @@ nodeVPop(xmlValidCtxtPtr ctxt) | ||
50 | return (ret); | ||
51 | } | ||
52 | |||
53 | +/** | ||
54 | + * xmlValidNormalizeString: | ||
55 | + * @str: a string | ||
56 | + * | ||
57 | + * Normalize a string in-place. | ||
58 | + */ | ||
59 | +static void | ||
60 | +xmlValidNormalizeString(xmlChar *str) { | ||
61 | + xmlChar *dst; | ||
62 | + const xmlChar *src; | ||
63 | + | ||
64 | + if (str == NULL) | ||
65 | + return; | ||
66 | + src = str; | ||
67 | + dst = str; | ||
68 | + | ||
69 | + while (*src == 0x20) src++; | ||
70 | + while (*src != 0) { | ||
71 | + if (*src == 0x20) { | ||
72 | + while (*src == 0x20) src++; | ||
73 | + if (*src != 0) | ||
74 | + *dst++ = 0x20; | ||
75 | + } else { | ||
76 | + *dst++ = *src++; | ||
77 | + } | ||
78 | + } | ||
79 | + *dst = 0; | ||
80 | +} | ||
81 | + | ||
82 | #ifdef DEBUG_VALID_ALGO | ||
83 | static void | ||
84 | xmlValidPrintNode(xmlNodePtr cur) { | ||
85 | @@ -2607,6 +2636,24 @@ xmlDumpNotationTable(xmlBufferPtr buf, xmlNotationTablePtr table) { | ||
86 | (xmlDictOwns(dict, (const xmlChar *)(str)) == 0))) \ | ||
87 | xmlFree((char *)(str)); | ||
88 | |||
89 | +static int | ||
90 | +xmlIsStreaming(xmlValidCtxtPtr ctxt) { | ||
91 | + xmlParserCtxtPtr pctxt; | ||
92 | + | ||
93 | + if (ctxt == NULL) | ||
94 | + return(0); | ||
95 | + /* | ||
96 | + * These magic values are also abused to detect whether we're validating | ||
97 | + * while parsing a document. In this case, userData points to the parser | ||
98 | + * context. | ||
99 | + */ | ||
100 | + if ((ctxt->finishDtd != XML_CTXT_FINISH_DTD_0) && | ||
101 | + (ctxt->finishDtd != XML_CTXT_FINISH_DTD_1)) | ||
102 | + return(0); | ||
103 | + pctxt = ctxt->userData; | ||
104 | + return(pctxt->parseMode == XML_PARSE_READER); | ||
105 | +} | ||
106 | + | ||
107 | /** | ||
108 | * xmlFreeID: | ||
109 | * @not: A id | ||
110 | @@ -2650,7 +2697,7 @@ xmlAddID(xmlValidCtxtPtr ctxt, xmlDocPtr doc, const xmlChar *value, | ||
111 | if (doc == NULL) { | ||
112 | return(NULL); | ||
113 | } | ||
114 | - if (value == NULL) { | ||
115 | + if ((value == NULL) || (value[0] == 0)) { | ||
116 | return(NULL); | ||
117 | } | ||
118 | if (attr == NULL) { | ||
119 | @@ -2681,7 +2728,7 @@ xmlAddID(xmlValidCtxtPtr ctxt, xmlDocPtr doc, const xmlChar *value, | ||
120 | */ | ||
121 | ret->value = xmlStrdup(value); | ||
122 | ret->doc = doc; | ||
123 | - if ((ctxt != NULL) && (ctxt->vstateNr != 0)) { | ||
124 | + if (xmlIsStreaming(ctxt)) { | ||
125 | /* | ||
126 | * Operating in streaming mode, attr is gonna disappear | ||
127 | */ | ||
128 | @@ -2820,6 +2867,7 @@ xmlRemoveID(xmlDocPtr doc, xmlAttrPtr attr) { | ||
129 | ID = xmlNodeListGetString(doc, attr->children, 1); | ||
130 | if (ID == NULL) | ||
131 | return(-1); | ||
132 | + xmlValidNormalizeString(ID); | ||
133 | |||
134 | id = xmlHashLookup(table, ID); | ||
135 | if (id == NULL || id->attr != attr) { | ||
136 | @@ -3009,7 +3057,7 @@ xmlAddRef(xmlValidCtxtPtr ctxt, xmlDocPtr doc, const xmlChar *value, | ||
137 | * fill the structure. | ||
138 | */ | ||
139 | ret->value = xmlStrdup(value); | ||
140 | - if ((ctxt != NULL) && (ctxt->vstateNr != 0)) { | ||
141 | + if (xmlIsStreaming(ctxt)) { | ||
142 | /* | ||
143 | * Operating in streaming mode, attr is gonna disappear | ||
144 | */ | ||
145 | @@ -4028,8 +4076,7 @@ xmlValidateAttributeValue2(xmlValidCtxtPtr ctxt, xmlDocPtr doc, | ||
146 | xmlChar * | ||
147 | xmlValidCtxtNormalizeAttributeValue(xmlValidCtxtPtr ctxt, xmlDocPtr doc, | ||
148 | xmlNodePtr elem, const xmlChar *name, const xmlChar *value) { | ||
149 | - xmlChar *ret, *dst; | ||
150 | - const xmlChar *src; | ||
151 | + xmlChar *ret; | ||
152 | xmlAttributePtr attrDecl = NULL; | ||
153 | int extsubset = 0; | ||
154 | |||
155 | @@ -4070,19 +4117,7 @@ xmlValidCtxtNormalizeAttributeValue(xmlValidCtxtPtr ctxt, xmlDocPtr doc, | ||
156 | ret = xmlStrdup(value); | ||
157 | if (ret == NULL) | ||
158 | return(NULL); | ||
159 | - src = value; | ||
160 | - dst = ret; | ||
161 | - while (*src == 0x20) src++; | ||
162 | - while (*src != 0) { | ||
163 | - if (*src == 0x20) { | ||
164 | - while (*src == 0x20) src++; | ||
165 | - if (*src != 0) | ||
166 | - *dst++ = 0x20; | ||
167 | - } else { | ||
168 | - *dst++ = *src++; | ||
169 | - } | ||
170 | - } | ||
171 | - *dst = 0; | ||
172 | + xmlValidNormalizeString(ret); | ||
173 | if ((doc->standalone) && (extsubset == 1) && (!xmlStrEqual(value, ret))) { | ||
174 | xmlErrValidNode(ctxt, elem, XML_DTD_NOT_STANDALONE, | ||
175 | "standalone: %s on %s value had to be normalized based on external subset declaration\n", | ||
176 | @@ -4114,8 +4149,7 @@ xmlValidCtxtNormalizeAttributeValue(xmlValidCtxtPtr ctxt, xmlDocPtr doc, | ||
177 | xmlChar * | ||
178 | xmlValidNormalizeAttributeValue(xmlDocPtr doc, xmlNodePtr elem, | ||
179 | const xmlChar *name, const xmlChar *value) { | ||
180 | - xmlChar *ret, *dst; | ||
181 | - const xmlChar *src; | ||
182 | + xmlChar *ret; | ||
183 | xmlAttributePtr attrDecl = NULL; | ||
184 | |||
185 | if (doc == NULL) return(NULL); | ||
186 | @@ -4145,19 +4179,7 @@ xmlValidNormalizeAttributeValue(xmlDocPtr doc, xmlNodePtr elem, | ||
187 | ret = xmlStrdup(value); | ||
188 | if (ret == NULL) | ||
189 | return(NULL); | ||
190 | - src = value; | ||
191 | - dst = ret; | ||
192 | - while (*src == 0x20) src++; | ||
193 | - while (*src != 0) { | ||
194 | - if (*src == 0x20) { | ||
195 | - while (*src == 0x20) src++; | ||
196 | - if (*src != 0) | ||
197 | - *dst++ = 0x20; | ||
198 | - } else { | ||
199 | - *dst++ = *src++; | ||
200 | - } | ||
201 | - } | ||
202 | - *dst = 0; | ||
203 | + xmlValidNormalizeString(ret); | ||
204 | return(ret); | ||
205 | } | ||
206 | |||
207 | -- | ||
208 | 2.25.1 | ||
209 | |||
diff --git a/meta/recipes-core/libxml/libxml2_2.9.10.bb b/meta/recipes-core/libxml/libxml2_2.9.10.bb index cabf911816..778312f662 100644 --- a/meta/recipes-core/libxml/libxml2_2.9.10.bb +++ b/meta/recipes-core/libxml/libxml2_2.9.10.bb | |||
@@ -30,6 +30,8 @@ SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \ | |||
30 | file://CVE-2021-3518-0002.patch \ | 30 | file://CVE-2021-3518-0002.patch \ |
31 | file://CVE-2021-3537.patch \ | 31 | file://CVE-2021-3537.patch \ |
32 | file://CVE-2021-3541.patch \ | 32 | file://CVE-2021-3541.patch \ |
33 | file://CVE-2022-23308.patch \ | ||
34 | file://CVE-2022-23308-fix-regression.patch \ | ||
33 | " | 35 | " |
34 | 36 | ||
35 | SRC_URI[libtar.md5sum] = "10942a1dc23137a8aa07f0639cbfece5" | 37 | SRC_URI[libtar.md5sum] = "10942a1dc23137a8aa07f0639cbfece5" |
diff --git a/meta/recipes-core/os-release/os-release.bb b/meta/recipes-core/os-release/os-release.bb index a29d678125..33f75e39b8 100644 --- a/meta/recipes-core/os-release/os-release.bb +++ b/meta/recipes-core/os-release/os-release.bb | |||
@@ -12,7 +12,9 @@ do_configure[noexec] = "1" | |||
12 | 12 | ||
13 | # Other valid fields: BUILD_ID ID_LIKE ANSI_COLOR CPE_NAME | 13 | # Other valid fields: BUILD_ID ID_LIKE ANSI_COLOR CPE_NAME |
14 | # HOME_URL SUPPORT_URL BUG_REPORT_URL | 14 | # HOME_URL SUPPORT_URL BUG_REPORT_URL |
15 | OS_RELEASE_FIELDS = "ID ID_LIKE NAME VERSION VERSION_ID PRETTY_NAME" | 15 | OS_RELEASE_FIELDS = "\ |
16 | ID ID_LIKE NAME VERSION VERSION_ID PRETTY_NAME DISTRO_CODENAME \ | ||
17 | " | ||
16 | OS_RELEASE_UNQUOTED_FIELDS = "ID VERSION_ID VARIANT_ID" | 18 | OS_RELEASE_UNQUOTED_FIELDS = "ID VERSION_ID VARIANT_ID" |
17 | 19 | ||
18 | ID = "${DISTRO}" | 20 | ID = "${DISTRO}" |
diff --git a/meta/recipes-core/zlib/zlib/CVE-2018-25032.patch b/meta/recipes-core/zlib/zlib/CVE-2018-25032.patch new file mode 100644 index 0000000000..5cb6183641 --- /dev/null +++ b/meta/recipes-core/zlib/zlib/CVE-2018-25032.patch | |||
@@ -0,0 +1,347 @@ | |||
1 | CVE: CVE-2018-25032 | ||
2 | Upstream-Status: Backport | ||
3 | Signed-off-by: Ross Burton <ross.burton@arm.com> | ||
4 | |||
5 | From 5c44459c3b28a9bd3283aaceab7c615f8020c531 Mon Sep 17 00:00:00 2001 | ||
6 | From: Mark Adler <madler@alumni.caltech.edu> | ||
7 | Date: Tue, 17 Apr 2018 22:09:22 -0700 | ||
8 | Subject: [PATCH] Fix a bug that can crash deflate on some input when using | ||
9 | Z_FIXED. | ||
10 | |||
11 | This bug was reported by Danilo Ramos of Eideticom, Inc. It has | ||
12 | lain in wait 13 years before being found! The bug was introduced | ||
13 | in zlib 1.2.2.2, with the addition of the Z_FIXED option. That | ||
14 | option forces the use of fixed Huffman codes. For rare inputs with | ||
15 | a large number of distant matches, the pending buffer into which | ||
16 | the compressed data is written can overwrite the distance symbol | ||
17 | table which it overlays. That results in corrupted output due to | ||
18 | invalid distances, and can result in out-of-bound accesses, | ||
19 | crashing the application. | ||
20 | |||
21 | The fix here combines the distance buffer and literal/length | ||
22 | buffers into a single symbol buffer. Now three bytes of pending | ||
23 | buffer space are opened up for each literal or length/distance | ||
24 | pair consumed, instead of the previous two bytes. This assures | ||
25 | that the pending buffer cannot overwrite the symbol table, since | ||
26 | the maximum fixed code compressed length/distance is 31 bits, and | ||
27 | since there are four bytes of pending space for every three bytes | ||
28 | of symbol space. | ||
29 | --- | ||
30 | deflate.c | 74 ++++++++++++++++++++++++++++++++++++++++--------------- | ||
31 | deflate.h | 25 +++++++++---------- | ||
32 | trees.c | 50 +++++++++++-------------------------- | ||
33 | 3 files changed, 79 insertions(+), 70 deletions(-) | ||
34 | |||
35 | diff --git a/deflate.c b/deflate.c | ||
36 | index 425babc00..19cba873a 100644 | ||
37 | --- a/deflate.c | ||
38 | +++ b/deflate.c | ||
39 | @@ -255,11 +255,6 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy, | ||
40 | int wrap = 1; | ||
41 | static const char my_version[] = ZLIB_VERSION; | ||
42 | |||
43 | - ushf *overlay; | ||
44 | - /* We overlay pending_buf and d_buf+l_buf. This works since the average | ||
45 | - * output size for (length,distance) codes is <= 24 bits. | ||
46 | - */ | ||
47 | - | ||
48 | if (version == Z_NULL || version[0] != my_version[0] || | ||
49 | stream_size != sizeof(z_stream)) { | ||
50 | return Z_VERSION_ERROR; | ||
51 | @@ -329,9 +324,47 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy, | ||
52 | |||
53 | s->lit_bufsize = 1 << (memLevel + 6); /* 16K elements by default */ | ||
54 | |||
55 | - overlay = (ushf *) ZALLOC(strm, s->lit_bufsize, sizeof(ush)+2); | ||
56 | - s->pending_buf = (uchf *) overlay; | ||
57 | - s->pending_buf_size = (ulg)s->lit_bufsize * (sizeof(ush)+2L); | ||
58 | + /* We overlay pending_buf and sym_buf. This works since the average size | ||
59 | + * for length/distance pairs over any compressed block is assured to be 31 | ||
60 | + * bits or less. | ||
61 | + * | ||
62 | + * Analysis: The longest fixed codes are a length code of 8 bits plus 5 | ||
63 | + * extra bits, for lengths 131 to 257. The longest fixed distance codes are | ||
64 | + * 5 bits plus 13 extra bits, for distances 16385 to 32768. The longest | ||
65 | + * possible fixed-codes length/distance pair is then 31 bits total. | ||
66 | + * | ||
67 | + * sym_buf starts one-fourth of the way into pending_buf. So there are | ||
68 | + * three bytes in sym_buf for every four bytes in pending_buf. Each symbol | ||
69 | + * in sym_buf is three bytes -- two for the distance and one for the | ||
70 | + * literal/length. As each symbol is consumed, the pointer to the next | ||
71 | + * sym_buf value to read moves forward three bytes. From that symbol, up to | ||
72 | + * 31 bits are written to pending_buf. The closest the written pending_buf | ||
73 | + * bits gets to the next sym_buf symbol to read is just before the last | ||
74 | + * code is written. At that time, 31*(n-2) bits have been written, just | ||
75 | + * after 24*(n-2) bits have been consumed from sym_buf. sym_buf starts at | ||
76 | + * 8*n bits into pending_buf. (Note that the symbol buffer fills when n-1 | ||
77 | + * symbols are written.) The closest the writing gets to what is unread is | ||
78 | + * then n+14 bits. Here n is lit_bufsize, which is 16384 by default, and | ||
79 | + * can range from 128 to 32768. | ||
80 | + * | ||
81 | + * Therefore, at a minimum, there are 142 bits of space between what is | ||
82 | + * written and what is read in the overlain buffers, so the symbols cannot | ||
83 | + * be overwritten by the compressed data. That space is actually 139 bits, | ||
84 | + * due to the three-bit fixed-code block header. | ||
85 | + * | ||
86 | + * That covers the case where either Z_FIXED is specified, forcing fixed | ||
87 | + * codes, or when the use of fixed codes is chosen, because that choice | ||
88 | + * results in a smaller compressed block than dynamic codes. That latter | ||
89 | + * condition then assures that the above analysis also covers all dynamic | ||
90 | + * blocks. A dynamic-code block will only be chosen to be emitted if it has | ||
91 | + * fewer bits than a fixed-code block would for the same set of symbols. | ||
92 | + * Therefore its average symbol length is assured to be less than 31. So | ||
93 | + * the compressed data for a dynamic block also cannot overwrite the | ||
94 | + * symbols from which it is being constructed. | ||
95 | + */ | ||
96 | + | ||
97 | + s->pending_buf = (uchf *) ZALLOC(strm, s->lit_bufsize, 4); | ||
98 | + s->pending_buf_size = (ulg)s->lit_bufsize * 4; | ||
99 | |||
100 | if (s->window == Z_NULL || s->prev == Z_NULL || s->head == Z_NULL || | ||
101 | s->pending_buf == Z_NULL) { | ||
102 | @@ -340,8 +373,12 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy, | ||
103 | deflateEnd (strm); | ||
104 | return Z_MEM_ERROR; | ||
105 | } | ||
106 | - s->d_buf = overlay + s->lit_bufsize/sizeof(ush); | ||
107 | - s->l_buf = s->pending_buf + (1+sizeof(ush))*s->lit_bufsize; | ||
108 | + s->sym_buf = s->pending_buf + s->lit_bufsize; | ||
109 | + s->sym_end = (s->lit_bufsize - 1) * 3; | ||
110 | + /* We avoid equality with lit_bufsize*3 because of wraparound at 64K | ||
111 | + * on 16 bit machines and because stored blocks are restricted to | ||
112 | + * 64K-1 bytes. | ||
113 | + */ | ||
114 | |||
115 | s->level = level; | ||
116 | s->strategy = strategy; | ||
117 | @@ -552,7 +589,7 @@ int ZEXPORT deflatePrime (strm, bits, value) | ||
118 | |||
119 | if (deflateStateCheck(strm)) return Z_STREAM_ERROR; | ||
120 | s = strm->state; | ||
121 | - if ((Bytef *)(s->d_buf) < s->pending_out + ((Buf_size + 7) >> 3)) | ||
122 | + if (s->sym_buf < s->pending_out + ((Buf_size + 7) >> 3)) | ||
123 | return Z_BUF_ERROR; | ||
124 | do { | ||
125 | put = Buf_size - s->bi_valid; | ||
126 | @@ -1113,7 +1150,6 @@ int ZEXPORT deflateCopy (dest, source) | ||
127 | #else | ||
128 | deflate_state *ds; | ||
129 | deflate_state *ss; | ||
130 | - ushf *overlay; | ||
131 | |||
132 | |||
133 | if (deflateStateCheck(source) || dest == Z_NULL) { | ||
134 | @@ -1133,8 +1169,7 @@ int ZEXPORT deflateCopy (dest, source) | ||
135 | ds->window = (Bytef *) ZALLOC(dest, ds->w_size, 2*sizeof(Byte)); | ||
136 | ds->prev = (Posf *) ZALLOC(dest, ds->w_size, sizeof(Pos)); | ||
137 | ds->head = (Posf *) ZALLOC(dest, ds->hash_size, sizeof(Pos)); | ||
138 | - overlay = (ushf *) ZALLOC(dest, ds->lit_bufsize, sizeof(ush)+2); | ||
139 | - ds->pending_buf = (uchf *) overlay; | ||
140 | + ds->pending_buf = (uchf *) ZALLOC(dest, ds->lit_bufsize, 4); | ||
141 | |||
142 | if (ds->window == Z_NULL || ds->prev == Z_NULL || ds->head == Z_NULL || | ||
143 | ds->pending_buf == Z_NULL) { | ||
144 | @@ -1148,8 +1183,7 @@ int ZEXPORT deflateCopy (dest, source) | ||
145 | zmemcpy(ds->pending_buf, ss->pending_buf, (uInt)ds->pending_buf_size); | ||
146 | |||
147 | ds->pending_out = ds->pending_buf + (ss->pending_out - ss->pending_buf); | ||
148 | - ds->d_buf = overlay + ds->lit_bufsize/sizeof(ush); | ||
149 | - ds->l_buf = ds->pending_buf + (1+sizeof(ush))*ds->lit_bufsize; | ||
150 | + ds->sym_buf = ds->pending_buf + ds->lit_bufsize; | ||
151 | |||
152 | ds->l_desc.dyn_tree = ds->dyn_ltree; | ||
153 | ds->d_desc.dyn_tree = ds->dyn_dtree; | ||
154 | @@ -1925,7 +1959,7 @@ local block_state deflate_fast(s, flush) | ||
155 | FLUSH_BLOCK(s, 1); | ||
156 | return finish_done; | ||
157 | } | ||
158 | - if (s->last_lit) | ||
159 | + if (s->sym_next) | ||
160 | FLUSH_BLOCK(s, 0); | ||
161 | return block_done; | ||
162 | } | ||
163 | @@ -2056,7 +2090,7 @@ local block_state deflate_slow(s, flush) | ||
164 | FLUSH_BLOCK(s, 1); | ||
165 | return finish_done; | ||
166 | } | ||
167 | - if (s->last_lit) | ||
168 | + if (s->sym_next) | ||
169 | FLUSH_BLOCK(s, 0); | ||
170 | return block_done; | ||
171 | } | ||
172 | @@ -2131,7 +2165,7 @@ local block_state deflate_rle(s, flush) | ||
173 | FLUSH_BLOCK(s, 1); | ||
174 | return finish_done; | ||
175 | } | ||
176 | - if (s->last_lit) | ||
177 | + if (s->sym_next) | ||
178 | FLUSH_BLOCK(s, 0); | ||
179 | return block_done; | ||
180 | } | ||
181 | @@ -2170,7 +2204,7 @@ local block_state deflate_huff(s, flush) | ||
182 | FLUSH_BLOCK(s, 1); | ||
183 | return finish_done; | ||
184 | } | ||
185 | - if (s->last_lit) | ||
186 | + if (s->sym_next) | ||
187 | FLUSH_BLOCK(s, 0); | ||
188 | return block_done; | ||
189 | } | ||
190 | diff --git a/deflate.h b/deflate.h | ||
191 | index 23ecdd312..d4cf1a98b 100644 | ||
192 | --- a/deflate.h | ||
193 | +++ b/deflate.h | ||
194 | @@ -217,7 +217,7 @@ typedef struct internal_state { | ||
195 | /* Depth of each subtree used as tie breaker for trees of equal frequency | ||
196 | */ | ||
197 | |||
198 | - uchf *l_buf; /* buffer for literals or lengths */ | ||
199 | + uchf *sym_buf; /* buffer for distances and literals/lengths */ | ||
200 | |||
201 | uInt lit_bufsize; | ||
202 | /* Size of match buffer for literals/lengths. There are 4 reasons for | ||
203 | @@ -239,13 +239,8 @@ typedef struct internal_state { | ||
204 | * - I can't count above 4 | ||
205 | */ | ||
206 | |||
207 | - uInt last_lit; /* running index in l_buf */ | ||
208 | - | ||
209 | - ushf *d_buf; | ||
210 | - /* Buffer for distances. To simplify the code, d_buf and l_buf have | ||
211 | - * the same number of elements. To use different lengths, an extra flag | ||
212 | - * array would be necessary. | ||
213 | - */ | ||
214 | + uInt sym_next; /* running index in sym_buf */ | ||
215 | + uInt sym_end; /* symbol table full when sym_next reaches this */ | ||
216 | |||
217 | ulg opt_len; /* bit length of current block with optimal trees */ | ||
218 | ulg static_len; /* bit length of current block with static trees */ | ||
219 | @@ -325,20 +320,22 @@ void ZLIB_INTERNAL _tr_stored_block OF((deflate_state *s, charf *buf, | ||
220 | |||
221 | # define _tr_tally_lit(s, c, flush) \ | ||
222 | { uch cc = (c); \ | ||
223 | - s->d_buf[s->last_lit] = 0; \ | ||
224 | - s->l_buf[s->last_lit++] = cc; \ | ||
225 | + s->sym_buf[s->sym_next++] = 0; \ | ||
226 | + s->sym_buf[s->sym_next++] = 0; \ | ||
227 | + s->sym_buf[s->sym_next++] = cc; \ | ||
228 | s->dyn_ltree[cc].Freq++; \ | ||
229 | - flush = (s->last_lit == s->lit_bufsize-1); \ | ||
230 | + flush = (s->sym_next == s->sym_end); \ | ||
231 | } | ||
232 | # define _tr_tally_dist(s, distance, length, flush) \ | ||
233 | { uch len = (uch)(length); \ | ||
234 | ush dist = (ush)(distance); \ | ||
235 | - s->d_buf[s->last_lit] = dist; \ | ||
236 | - s->l_buf[s->last_lit++] = len; \ | ||
237 | + s->sym_buf[s->sym_next++] = dist; \ | ||
238 | + s->sym_buf[s->sym_next++] = dist >> 8; \ | ||
239 | + s->sym_buf[s->sym_next++] = len; \ | ||
240 | dist--; \ | ||
241 | s->dyn_ltree[_length_code[len]+LITERALS+1].Freq++; \ | ||
242 | s->dyn_dtree[d_code(dist)].Freq++; \ | ||
243 | - flush = (s->last_lit == s->lit_bufsize-1); \ | ||
244 | + flush = (s->sym_next == s->sym_end); \ | ||
245 | } | ||
246 | #else | ||
247 | # define _tr_tally_lit(s, c, flush) flush = _tr_tally(s, 0, c) | ||
248 | diff --git a/trees.c b/trees.c | ||
249 | index 4f4a65011..decaeb7c3 100644 | ||
250 | --- a/trees.c | ||
251 | +++ b/trees.c | ||
252 | @@ -416,7 +416,7 @@ local void init_block(s) | ||
253 | |||
254 | s->dyn_ltree[END_BLOCK].Freq = 1; | ||
255 | s->opt_len = s->static_len = 0L; | ||
256 | - s->last_lit = s->matches = 0; | ||
257 | + s->sym_next = s->matches = 0; | ||
258 | } | ||
259 | |||
260 | #define SMALLEST 1 | ||
261 | @@ -948,7 +948,7 @@ void ZLIB_INTERNAL _tr_flush_block(s, buf, stored_len, last) | ||
262 | |||
263 | Tracev((stderr, "\nopt %lu(%lu) stat %lu(%lu) stored %lu lit %u ", | ||
264 | opt_lenb, s->opt_len, static_lenb, s->static_len, stored_len, | ||
265 | - s->last_lit)); | ||
266 | + s->sym_next / 3)); | ||
267 | |||
268 | if (static_lenb <= opt_lenb) opt_lenb = static_lenb; | ||
269 | |||
270 | @@ -1017,8 +1017,9 @@ int ZLIB_INTERNAL _tr_tally (s, dist, lc) | ||
271 | unsigned dist; /* distance of matched string */ | ||
272 | unsigned lc; /* match length-MIN_MATCH or unmatched char (if dist==0) */ | ||
273 | { | ||
274 | - s->d_buf[s->last_lit] = (ush)dist; | ||
275 | - s->l_buf[s->last_lit++] = (uch)lc; | ||
276 | + s->sym_buf[s->sym_next++] = dist; | ||
277 | + s->sym_buf[s->sym_next++] = dist >> 8; | ||
278 | + s->sym_buf[s->sym_next++] = lc; | ||
279 | if (dist == 0) { | ||
280 | /* lc is the unmatched char */ | ||
281 | s->dyn_ltree[lc].Freq++; | ||
282 | @@ -1033,30 +1034,7 @@ int ZLIB_INTERNAL _tr_tally (s, dist, lc) | ||
283 | s->dyn_ltree[_length_code[lc]+LITERALS+1].Freq++; | ||
284 | s->dyn_dtree[d_code(dist)].Freq++; | ||
285 | } | ||
286 | - | ||
287 | -#ifdef TRUNCATE_BLOCK | ||
288 | - /* Try to guess if it is profitable to stop the current block here */ | ||
289 | - if ((s->last_lit & 0x1fff) == 0 && s->level > 2) { | ||
290 | - /* Compute an upper bound for the compressed length */ | ||
291 | - ulg out_length = (ulg)s->last_lit*8L; | ||
292 | - ulg in_length = (ulg)((long)s->strstart - s->block_start); | ||
293 | - int dcode; | ||
294 | - for (dcode = 0; dcode < D_CODES; dcode++) { | ||
295 | - out_length += (ulg)s->dyn_dtree[dcode].Freq * | ||
296 | - (5L+extra_dbits[dcode]); | ||
297 | - } | ||
298 | - out_length >>= 3; | ||
299 | - Tracev((stderr,"\nlast_lit %u, in %ld, out ~%ld(%ld%%) ", | ||
300 | - s->last_lit, in_length, out_length, | ||
301 | - 100L - out_length*100L/in_length)); | ||
302 | - if (s->matches < s->last_lit/2 && out_length < in_length/2) return 1; | ||
303 | - } | ||
304 | -#endif | ||
305 | - return (s->last_lit == s->lit_bufsize-1); | ||
306 | - /* We avoid equality with lit_bufsize because of wraparound at 64K | ||
307 | - * on 16 bit machines and because stored blocks are restricted to | ||
308 | - * 64K-1 bytes. | ||
309 | - */ | ||
310 | + return (s->sym_next == s->sym_end); | ||
311 | } | ||
312 | |||
313 | /* =========================================================================== | ||
314 | @@ -1069,13 +1047,14 @@ local void compress_block(s, ltree, dtree) | ||
315 | { | ||
316 | unsigned dist; /* distance of matched string */ | ||
317 | int lc; /* match length or unmatched char (if dist == 0) */ | ||
318 | - unsigned lx = 0; /* running index in l_buf */ | ||
319 | + unsigned sx = 0; /* running index in sym_buf */ | ||
320 | unsigned code; /* the code to send */ | ||
321 | int extra; /* number of extra bits to send */ | ||
322 | |||
323 | - if (s->last_lit != 0) do { | ||
324 | - dist = s->d_buf[lx]; | ||
325 | - lc = s->l_buf[lx++]; | ||
326 | + if (s->sym_next != 0) do { | ||
327 | + dist = s->sym_buf[sx++] & 0xff; | ||
328 | + dist += (unsigned)(s->sym_buf[sx++] & 0xff) << 8; | ||
329 | + lc = s->sym_buf[sx++]; | ||
330 | if (dist == 0) { | ||
331 | send_code(s, lc, ltree); /* send a literal byte */ | ||
332 | Tracecv(isgraph(lc), (stderr," '%c' ", lc)); | ||
333 | @@ -1100,11 +1079,10 @@ local void compress_block(s, ltree, dtree) | ||
334 | } | ||
335 | } /* literal or match pair ? */ | ||
336 | |||
337 | - /* Check that the overlay between pending_buf and d_buf+l_buf is ok: */ | ||
338 | - Assert((uInt)(s->pending) < s->lit_bufsize + 2*lx, | ||
339 | - "pendingBuf overflow"); | ||
340 | + /* Check that the overlay between pending_buf and sym_buf is ok: */ | ||
341 | + Assert(s->pending < s->lit_bufsize + sx, "pendingBuf overflow"); | ||
342 | |||
343 | - } while (lx < s->last_lit); | ||
344 | + } while (sx < s->sym_next); | ||
345 | |||
346 | send_code(s, END_BLOCK, ltree); | ||
347 | } | ||
diff --git a/meta/recipes-core/zlib/zlib_1.2.11.bb b/meta/recipes-core/zlib/zlib_1.2.11.bb index ef9431ae47..bc42cd64e9 100644 --- a/meta/recipes-core/zlib/zlib_1.2.11.bb +++ b/meta/recipes-core/zlib/zlib_1.2.11.bb | |||
@@ -8,6 +8,7 @@ LIC_FILES_CHKSUM = "file://zlib.h;beginline=6;endline=23;md5=5377232268e952e9ef6 | |||
8 | 8 | ||
9 | SRC_URI = "${SOURCEFORGE_MIRROR}/libpng/${BPN}/${PV}/${BPN}-${PV}.tar.xz \ | 9 | SRC_URI = "${SOURCEFORGE_MIRROR}/libpng/${BPN}/${PV}/${BPN}-${PV}.tar.xz \ |
10 | file://ldflags-tests.patch \ | 10 | file://ldflags-tests.patch \ |
11 | file://CVE-2018-25032.patch \ | ||
11 | file://run-ptest \ | 12 | file://run-ptest \ |
12 | " | 13 | " |
13 | UPSTREAM_CHECK_URI = "http://zlib.net/" | 14 | UPSTREAM_CHECK_URI = "http://zlib.net/" |