authorMikael Magnusson <mikachu@gmail.com>2022-03-19 01:20:57 +0100
committerMikael Magnusson <mikachu@gmail.com>2022-03-30 08:07:39 +0200
commit3bf95b91f0cd378c1a4e9c611a51cb9fe0e2ffcd (patch)
treeb4719cea1999f39d6bab12772c0e4e7c8b518e92 /Src
parent6a9b3bb290abc1f9427f6574d9b12ec00108f907 (diff)
49870: Fix NULL reference in match code more
This reverts "49658: Fix NULL reference in match code." and adds a check
inside the block, as well as a failsafe check at the end.

The above commit (49658) causes a crash due to ll being calculated as
0 which leads to rr being an invalid pointer. Only adding a check for
when ll is 0 just leads to bck-i-search pattern not working at all (the
final hunk).  Restoring the condition and adding an explicit NULL check
for replstr seems to make matters work as intended.
Diffstat (limited to 'Src')
-rw-r--r--Src/glob.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/Src/glob.c b/Src/glob.c
index 375671cea..349862531 100644
--- a/Src/glob.c
+++ b/Src/glob.c
@@ -2549,7 +2549,7 @@ get_match_ret(Imatchdata imd, int b, int e)
     e += add;
 
     /* Everything now refers to metafied lengths. */
-    if (replstr) {
+    if (replstr || (fl & SUB_LIST)) {
 	if (fl & SUB_DOSUBST) {
 	    replstr = dupstring(replstr);
 	    singsub(&replstr);
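Review bot: With the outer condition widened to `replstr || (fl & SUB_LIST)`, the `SUB_DOSUBST` branch directly below it can now be reached with replstr == NULL, so `dupstring(replstr)` and `singsub(&replstr)` may be handed a NULL string. Whether SUB_LIST and SUB_DOSUBST can be set together without a replacement string is not visible from this hunk, and neither is whether those helpers tolerate NULL. Guarding the branch as `if (replstr && (fl & SUB_DOSUBST)) {` would make the block safe regardless of the caller's flag combination. The branch body continues past the end of the hunk.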
@@ -2568,7 +2568,8 @@ get_match_ret(Imatchdata imd, int b, int e)
 		addlinknode(imd->repllist, rd);
 	    return imd->mstr;
 	}
-	ll += strlen(replstr);
+	if (replstr)
+	    ll += strlen(replstr);
     }
     if (fl & SUB_MATCH)			/* matched portion */
 	ll += 1 + (e - b);
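Review bot: The new `if (replstr)` guard before `ll += strlen(replstr);` has no comment saying when replstr can be NULL at this point, and an unexplained guard like this is easy to remove later as redundant, which would bring the strlen(NULL) crash back. Given the outer condition, replstr is NULL here only when SUB_LIST alone admitted the block, so a line such as `/* replstr is NULL if only SUB_LIST brought us into this block */` above the guard would record that. The enclosing block opens in the previous hunk.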
@@ -2594,6 +2595,9 @@ get_match_ret(Imatchdata imd, int b, int e)
     if (bl)
 	buf[bl - 1] = '\0';
 
+    if (ll == 0)
+	return NULL;
+
     rr = r = (char *) hcalloc(ll);
 
     if (fl & SUB_MATCH) {
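Review bot: The `if (ll == 0) return NULL;` failsafe adds a NULL return path without a comment, and the callers that consume the result are outside this hunk, so each one should be confirmed to check for NULL before dereferencing it. A short comment would document the contract, for example `/* Failsafe: no flag contributed any length; hcalloc(0) would leave rr unusable, so report no match string */`. If ll is a signed type (its declaration is not visible here), `if (ll <= 0)` would also cover a negative length reaching hcalloc() at no extra cost.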