diff options
| author | Robin Haberkorn <robin.haberkorn@googlemail.com> | 2021-12-19 02:38:04 +0100 |
|---|---|---|
| committer | Robin Haberkorn <robin.haberkorn@googlemail.com> | 2021-12-19 02:38:04 +0100 |
| commit | 3614e5877818a3f3e187b43f8247cabaf842c39f (patch) | |
| tree | b93802bf8a26fbebb3c9068b273c8a92e0a97afd /tests | |
| parent | 4ccae4f8c6e9724c7b5a891aecfe37475549ee6a (diff) | |
| download | sciteco-3614e5877818a3f3e187b43f8247cabaf842c39f.tar.gz | |
safer use of memcpy() and memchr(): we must not pass in NULL pointers
* The C standard actually forbids this (undefined behaviour) even though
it seems intuitive that something like `memcpy(foo, NULL, 0)` does no harm.
* It turned out, there were actual real bugs related to this.
If memchr() was called with a variable that can be NULL,
the compiler could assume that the variable is actually always non-NULL
(since glibc declares memchr() with nonnull), consequently eliminating
checks for NULL afterwards.
The same could theoretically happen with memcpy().
This manifested itself in the empty search crashing when building with -O3.
Test case:
sciteco -e '@S//'
* Consequently, the nightly builds (at least for Ubuntu) also had this bug.
* In some cases, the passed in pointers are passed down from the caller but
should not be NULL, so I added runtime assertions to guard against it.
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/testsuite.at | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/tests/testsuite.at b/tests/testsuite.at index e087593..c476ec8 100644 --- a/tests/testsuite.at +++ b/tests/testsuite.at @@ -93,6 +93,10 @@ AT_SETUP([Q-Register stack cleanup]) AT_CHECK([$SCITECO -e '@<:@a'], 0, ignore, ignore) AT_CLEANUP +AT_SETUP([Empty search]) +AT_CHECK([$SCITECO -e '@S//'], 0, ignore, ignore) +AT_CLEANUP + AT_BANNER([Known Bugs]) AT_SETUP([Pattern matching overflow]) |