[cscope/f14] Resolves: bz717545

Neil Horman nhorman at fedoraproject.org
Wed Jun 29 16:31:28 UTC 2011


commit 8416c1839698ea01ba8d78b46c6cd0182b0bc79e
Author: Neil Horman <nhorman at tuxdriver.com>
Date:   Wed Jun 29 12:31:06 2011 -0400

    Resolves: bz717545

 cscope-15.7a-lexerr.patch |   97 +++++++++++++++++++++++++++++++++++++++++++++
 cscope.spec               |    7 +++-
 2 files changed, 103 insertions(+), 1 deletions(-)
---
diff --git a/cscope-15.7a-lexerr.patch b/cscope-15.7a-lexerr.patch
new file mode 100644
index 0000000..92fcf38
--- /dev/null
+++ b/cscope-15.7a-lexerr.patch
@@ -0,0 +1,97 @@
+diff -up cscope-15.7a/src/crossref.c.orig cscope-15.7a/src/crossref.c
+--- cscope-15.7a/src/crossref.c.orig	2011-06-29 12:07:37.146099207 -0400
++++ cscope-15.7a/src/crossref.c	2011-06-29 12:04:38.416385875 -0400
+@@ -45,7 +45,7 @@
+ #include <stdlib.h>
+ #include <sys/stat.h>
+ 
+-static char const rcsid[] = "$Id: crossref.c,v 1.14 2006/07/23 20:59:20 broeker Exp $";
++static char const rcsid[] = "$Id: crossref.c,v 1.15 2009/08/28 14:28:27 nhorman Exp $";
+ 
+ 
+ /* convert long to a string */
+@@ -176,6 +176,7 @@ crossref(char *srcfile)
+ #endif
+ 	    break;
+ 			
++	case LEXERR:	/* Lexer error, abort further parsing of this file */
+ 	case LEXEOF:	/* end of file; last line may not have \n */
+ 			
+ 			/* if there were symbols, output them and the source line */
+diff -up cscope-15.7a/src/fscanner.l.orig cscope-15.7a/src/fscanner.l
+--- cscope-15.7a/src/fscanner.l.orig	2011-06-29 12:07:37.139099022 -0400
++++ cscope-15.7a/src/fscanner.l	2011-06-29 12:05:06.854135643 -0400
+@@ -52,7 +52,7 @@
+ #define	IFLEVELINC	5	/* #if nesting level size increment */
+ #define YY_NO_TOP_STATE 1
+ 
+-static char const rcsid[] = "$Id: fscanner.l,v 1.13 2007/01/07 12:41:23 broeker Exp $";
++static char const rcsid[] = "$Id: fscanner.l,v 1.14 2009/08/28 14:28:27 nhorman Exp $";
+ 
+ int	first;	/* buffer index for first char of symbol */
+ int	last;	/* buffer index for last char of symbol */
+@@ -341,6 +341,8 @@ wsnl		[ \t\r\v\f\n]|{comment}
+ 			
+ 			my_yymore();
+ 			s = strpbrk(my_yytext, "\"<");
++			if (!s)
++				return(LEXERR);
+ 			my_yytext[my_yyleng-1] = '\0';
+ 			incfile(s + 1, s);
+ 			my_yytext[my_yyleng-1] = remember;
+@@ -401,6 +403,8 @@ wsnl		[ \t\r\v\f\n]|{comment}
+ 			/* NOTREACHED */
+ 		}
+ =		{	/* if a global definition initializer */
++			if (!my_yytext)
++				return(LEXERR);
+ 			if (global == YES && ppdefine == NO && my_yytext[0] != '#') {
+ 				initializerbraces = braces;
+ 				initializer = YES;
+@@ -409,6 +413,8 @@ wsnl		[ \t\r\v\f\n]|{comment}
+ 			/* NOTREACHED */
+ 		}
+ :		{	/* a if global structure field */
++			if (!my_yytext)
++				return(LEXERR);
+ 			if (global == YES && ppdefine == NO && my_yytext[0] != '#') {
+ 				structfield = YES;
+ 			}
+diff -up cscope-15.7a/src/scanner.h.orig cscope-15.7a/src/scanner.h
+--- cscope-15.7a/src/scanner.h.orig	2011-06-29 12:07:37.128098733 -0400
++++ cscope-15.7a/src/scanner.h	2011-06-29 12:04:08.361593537 -0400
+@@ -30,7 +30,7 @@
+  DAMAGE. 
+  =========================================================================*/
+ 
+-/* $Id: scanner.h,v 1.4 2005/01/31 16:50:33 broeker Exp $ */
++/* $Id: scanner.h,v 1.5 2009/08/28 14:28:27 nhorman Exp $ */
+ 
+ 
+ #ifndef CSCOPE_SCANNER_H
+@@ -60,9 +60,10 @@
+ #define UNIONDEF	'u'
+ 
+ /* other scanner token types */
+-#define LEXEOF	0
+-#define	IDENT	1
+-#define	NEWLINE	2
++#define	LEXEOF	0
++#define	LEXERR	1
++#define	IDENT	2	
++#define	NEWLINE	3	
+ 
+ /* scanner.l global data */
+ extern	int	first;		/* buffer index for first char of symbol */
+diff -up cscope-15.7a/src/scanner.l.orig cscope-15.7a/src/scanner.l
+--- cscope-15.7a/src/scanner.l.orig	2011-06-29 12:07:37.132098837 -0400
++++ cscope-15.7a/src/scanner.l	2011-06-29 12:05:33.416836037 -0400
+@@ -574,6 +574,8 @@ class{ws}+{identifier}({wsnl}|[a-zA-Z0-9
+ 			char	*s;
+ 			
+ 			s = strpbrk(yytext, "\"<");
++			if (!s)
++				return(LEXERR);
+ 			incfile(s + 1, s);
+ 			/* HBB: avoid pointer mismatch if yytext is
+ 			 * unsigned, or a pointer */
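Review bot: In the crossref.c hunk, `case LEXERR:` falls straight into the `LEXEOF` handling, so a file the lexer gave up on is recorded as if it had ended normally and the user is not told that its cross-reference is incomplete. Because this path is reached on malformed input, it should report the condition before falling through, with a warning naming `srcfile` through whatever error-reporting routine crossref.c already uses, and mark the fall-through explicitly, e.g. `/* FALLTHROUGH: index what was scanned before the error */`. In the fscanner.l include rule the new check covers only the `strpbrk` result, while the `=` and `:` rules guard `my_yytext` itself; if `my_yytext` can still be NULL after `my_yymore()` (not visible here), `if (!my_yytext) return(LEXERR);` belongs before the `strpbrk` call as well. The switch in crossref() and the lexer rules all continue outside the quoted context.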
diff --git a/cscope.spec b/cscope.spec
index ff55c1e..59a3d94 100644
--- a/cscope.spec
+++ b/cscope.spec
@@ -1,7 +1,7 @@
 Summary: C source code tree search and browse tool 
 Name: cscope
 Version: 15.7a
-Release: 1%{?dist}
+Release: 2%{?dist}
 Source0: http://unc.dl.sourceforge.net/sourceforge/cscope/cscope-15.7a.tar.bz2
 URL: http://cscope.sourceforge.net
 License: BSD 
@@ -16,6 +16,7 @@ BuildRequires: pkgconfig ncurses-devel flex bison m4
 Patch0:cscope-15.6-findassign.patch
 Patch1:cscope-15.6-ocs.patch
 Patch2:cscope-15.6-xcscope-man.patch
+Patch3:cscope-15.7a-lexerr.patch
 
 %description
 cscope is a mature, ncurses based, C source code tree browsing tool.  It 
@@ -29,6 +30,7 @@ matches for use in file editing.
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
+%patch3 -p1
 
 %build
 %configure
@@ -77,6 +79,9 @@ rm -f %{xemacs_lisp_path}/xcscope.el
 rm -f %{emacs_lisp_path}/xcscope.el
 
 %changelog
+* Wed Jun 29 2011 Neil Horman <nhorman at redhat.com> - 15.7a-2
+- Fixed crash resulting from invalid pointer returned from lexer (bz717545)
+ 
 * Mon Mar 1 2010 Neil Horman <nhorman at redhat.com> - 15.7a-1
 - Update to latest upstream release (bz 569043)
 

