101 lines
3.5 KiB
Diff
101 lines
3.5 KiB
Diff
https://bugs.gentoo.org/889394
|
|
https://sourceforge.net/p/autogen/bugs/212/
|
|
https://bugzilla.redhat.com/2173623
|
|
https://siddhesh.in/posts/that-is-not-a-number-that-is-a-freed-object.html
|
|
https://gcc.gnu.org/PR105217
|
|
https://src.fedoraproject.org/rpms/autogen/blob/684b717191dd8bcd4e01a7775e62d50bc41b8ccb/f/autogen-fortify.patch
|
|
|
|
commit 772b282a4e858a27af610bcdcc8b66925cbf1a83
|
|
Author: Tomas Korbar <tkorbar@redhat.com>
|
|
Date: Tue Feb 28 16:08:13 2023 +0100
|
|
|
|
avoid GCC code analysis bug
|
|
|
|
--- a/agen5/defLoad.c
|
|
+++ b/agen5/defLoad.c
|
|
@@ -448,17 +448,28 @@ read_defs(void)
|
|
FILE * fp;
|
|
def_input_mode_t in_mode = ready_def_input(&def_fname, &data_sz);
|
|
|
|
+ /*
|
|
+ * "ready_def_input" has a lot of side effects. It's possible that
|
|
+ * there are no definitions, so "in_mode" is set to DONE and there's
|
|
+ * nothing to do.
|
|
+ */
|
|
if (in_mode == INPUT_DONE)
|
|
return;
|
|
|
|
/*
|
|
* Allocate the space we need for our definitions.
|
|
+ * "data_sz" was set by read_def_input to the size of the
|
|
+ * definitions file (or 4096 if we're reading from a fifo file).
|
|
+ * In that alternate case, we'll start the input size at 4096 bytes.
|
|
+ * The allocation includes space for context and a NUL byte or two
|
|
*/
|
|
- rem_sz = data_sz+4+sizeof(*base_ctx);
|
|
- base_ctx = (scan_ctx_t *)AGALOC(rem_sz, "file buf");
|
|
- memset(VOIDP(base_ctx), 0, rem_sz);
|
|
+ {
|
|
+ size_t sz = data_sz + sizeof(long) + sizeof(*base_ctx);
|
|
+ base_ctx = (scan_ctx_t *)AGALOC(sz, "file buf");
|
|
+ memset(VOIDP(base_ctx), 0, sz);
|
|
+ }
|
|
base_ctx->scx_line = 1;
|
|
- rem_sz = data_sz;
|
|
+ rem_sz = data_sz; // size available for storing def text
|
|
|
|
/*
|
|
* Our base context will have its currency pointer set to this
|
|
@@ -482,6 +493,9 @@ read_defs(void)
|
|
if (fp == NULL)
|
|
AG_CANT(READ_DEF_OPEN, def_fname);
|
|
|
|
+ /*
|
|
+ * If we're emitting dependency information, then do so.
|
|
+ */
|
|
if (dep_fp != NULL)
|
|
add_source_file(def_fname);
|
|
}
|
|
@@ -516,8 +530,7 @@ read_defs(void)
|
|
* See if there is any space left
|
|
*/
|
|
if (rem_sz == 0) {
|
|
- scan_ctx_t * p;
|
|
- off_t dataOff;
|
|
+ off_t scan_off;
|
|
|
|
/*
|
|
* IF it is a regular file, then we are done
|
|
@@ -527,24 +540,16 @@ read_defs(void)
|
|
|
|
/*
|
|
* We have more data and we are out of space.
|
|
- * Try to reallocate our input buffer.
|
|
+ * AGREALOC will succeed or not return.
|
|
*/
|
|
data_sz += (rem_sz = 0x1000);
|
|
- dataOff = data - base_ctx->scx_data;
|
|
- p = AGREALOC(VOIDP(base_ctx), data_sz + 4 + sizeof(*base_ctx),
|
|
- "expand f buf");
|
|
+ scan_off = data - base_ctx->scx_data;
|
|
+ base_ctx = AGREALOC(VOIDP(base_ctx), data_sz + 4 + sizeof(*base_ctx),
|
|
+ "expand f buf");
|
|
|
|
- /*
|
|
- * The buffer may have moved. Set the data pointer at an
|
|
- * offset within the new buffer and make sure our base pointer
|
|
- * has been corrected as well.
|
|
- */
|
|
- if (p != base_ctx) {
|
|
- p->scx_scan = \
|
|
- p->scx_data = (char *)(p + 1);
|
|
- data = p->scx_data + dataOff;
|
|
- base_ctx = p;
|
|
- }
|
|
+ base_ctx->scx_scan = \
|
|
+ base_ctx->scx_data = (char *)(base_ctx + 1);
|
|
+ data = base_ctx->scx_data + scan_off;
|
|
}
|
|
}
|
|
|