Fix regexp compiler with translation table

Fix regexp compiler with translation table

[Andreas Schwab]

build_wcs_buffer didn't set mbs when a translation table is used.  This
can result in all kinds of random behaviour during parsing due to use of
uninitialized memory.

2004-05-12  Andreas Schwab  <schwab@suse.de>

	* posix/regex_internal.c (build_wcs_buffer): Also set pstr->mbs
	when translating.

--- posix/regex_internal.c	26 Feb 2004 12:03:50 +0100	1.40
+++ posix/regex_internal.c	12 May 2004 13:46:04 +0200	
@@ -242,7 +242,7 @@ build_wcs_buffer (pstr)
 	  for (i = 0; i < pstr->mb_cur_max && i < remain_len; ++i)
 	    {
 	      ch = pstr->raw_mbs [pstr->raw_mbs_idx + byte_idx + i];
-	      buf[i] = pstr->trans[ch];
+	      buf[i] = pstr->mbs[byte_idx + i] = pstr->trans[ch];
 	    }
 	  p = (const char *) buf;
 	}

Andreas.

-- 
Andreas Schwab, SuSE Labs, schwab@suse.de
SuSE Linux AG, Maxfeldstraße 5, 90409 Nürnberg, Germany
Key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."

Re: Fix regexp compiler with translation table

[Jakub Jelinek]

On Wed, May 12, 2004 at 01:50:34PM +0200, Andreas Schwab wrote:
> build_wcs_buffer didn't set mbs when a translation table is used.  This
> can result in all kinds of random behaviour during parsing due to use of
> uninitialized memory.
> 
> 2004-05-12  Andreas Schwab  <schwab@suse.de>
> 
> 	* posix/regex_internal.c (build_wcs_buffer): Also set pstr->mbs
> 	when translating.

Do you have a testcase?  It would be greatly appreciated.

	Jakub

Re: Fix regexp compiler with translation table

[Andreas Schwab]

Jakub Jelinek <jakub@redhat.com> writes:

> On Wed, May 12, 2004 at 01:50:34PM +0200, Andreas Schwab wrote:
>> build_wcs_buffer didn't set mbs when a translation table is used.  This
>> can result in all kinds of random behaviour during parsing due to use of
>> uninitialized memory.
>> 
>> 2004-05-12  Andreas Schwab  <schwab@suse.de>
>> 
>> 	* posix/regex_internal.c (build_wcs_buffer): Also set pstr->mbs
>> 	when translating.
>
> Do you have a testcase?  It would be greatly appreciated.

Since it is about uninitialized memory it is hard to test reliably.  We
noticed it because "awk -Fbcd '{ print $1 }'" was generating a spurious
error on i686.  Here is a reduced test case, although it may not be
minimal, since it took some time until I fully understood the issue.

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <regex.h>
#include <locale.h>
#include <time.h>

#define PATTERN "bcd"

char casetable[256];

int
main (void)
{
  struct re_pattern_buffer *r1, *r2;
  const char *s;
  int i;

  setlocale (LC_ALL, "");
  re_set_syntax (RE_SYNTAX_GNU_AWK);
  r1 = malloc (sizeof (*r1));
  memset (r1, 0, sizeof (*r1));
  r1->fastmap = malloc (256);
  s = re_compile_pattern (PATTERN, strlen (PATTERN), r1);
  if (s)
    {
      fprintf (stderr, "%s\n", s);
      exit (1);
    }
  r2 = malloc (sizeof (*r2));
  memset (r2, 0, sizeof (*r2));
  r2->fastmap = malloc (256);
  r2->translate = casetable;
  srand (time (0));
  for (i = 0; i < 256; i++)
    r2->fastmap[i] = rand () % 256;
  s = re_compile_pattern (PATTERN, strlen (PATTERN), r2);
  if (s)
    {
      fprintf (stderr, "%s\n", s);
      exit (1);
    }
  
  exit (0);
}


Andreas.

-- 
Andreas Schwab, SuSE Labs, schwab@suse.de
SuSE Linux AG, Maxfeldstraße 5, 90409 Nürnberg, Germany
Key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."

Re: Fix regexp compiler with translation table

[Ulrich Drepper]

Applied.

-- 
➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA ❖