Re: branch-1_4 patsubst replacement bug

[Eric Blake]

Eric Blake <ebb9 <at> byu.net> writes:

> 
> 2006-07-14  Eric Blake  <ebb9 <at> byu.net>
> 
>       * src/builtin.c (substitute): Warn on bad escape sequences.
>       Ignore trailing backslash.

Arrgh.  cygwin and Linux were too nice; and happened to have NUL bytes beyond 
the string bounds in the malloc'd string.  When I tested on mingw, it 
immediately became obvious; the testsuite showed that substitute() will happily 
read the garbage after the '\0' when there is a dangling \ in the substitution 
string.  I'll have to roll a 1.4.6 :(  I will probably wait a couple of weeks 
for any other feedback on any other 1.4.5 issues to surface.

At least this is only in a corner case that already had bad semantics in 1.4.4, 
so I doubt anyone was relying on the behavior of a dangling \ in the 
substitution text of regexp or patsubst.  And it is a one-line fix, in case any 
distro packager wants to pick it up in the meantime.

2006-07-17  Eric Blake  <address@hidden>

        * configure.ac (AC_INIT): Bump version number.
        * src/builtin.c (substitute): Bah.  Fix buffer overrun.
        * NEWS: Document this fix.

Index: NEWS
===================================================================
RCS file: /sources/m4/m4/NEWS,v
retrieving revision 1.1.1.1.2.39
diff -u -r1.1.1.1.2.39 NEWS
--- NEWS        15 Jul 2006 22:37:11 -0000      1.1.1.1.2.39
+++ NEWS        17 Jul 2006 16:21:04 -0000
@@ -2,6 +2,11 @@
 Copyright (C) 1992, 1993, 1994, 2004, 2005, 2006 Free Software
 Foundation, Inc.
 
+Version 1.4.6 - ?? 2006, by ??  (CVS version 1.4.5a)
+
+* Fix buffer overrun in regexp and patsubst macros when handed a trailing
+  backslash in the replacement text.
+
 Version 1.4.5 - 15 July 2006, by Eric Blake  (CVS version 1.4.4c)
 
 * Fix sysval on BeOS, OS/2, and other systems that store exit status
Index: configure.ac
===================================================================
RCS file: /sources/m4/m4/configure.ac,v
retrieving revision 1.36.2.22
diff -u -r1.36.2.22 configure.ac
--- configure.ac        15 Jul 2006 22:37:11 -0000      1.36.2.22
+++ configure.ac        17 Jul 2006 16:21:04 -0000
@@ -18,7 +18,7 @@
 # 02110-1301  USA
 
 AC_PREREQ([2.60])
-AC_INIT([GNU M4], [1.4.5], address@hidden)
+AC_INIT([GNU M4], [1.4.5a], address@hidden)
 AM_INIT_AUTOMAKE([1.9.6 dist-bzip2 gnu])
 PACKAGE=$PACKAGE_TARNAME; AC_SUBST([PACKAGE])
 VERSION=$PACKAGE_VERSION; AC_SUBST([VERSION])
Index: src/builtin.c
===================================================================
RCS file: /sources/m4/m4/src/Attic/builtin.c,v
retrieving revision 1.1.1.1.2.25
diff -u -r1.1.1.1.2.25 builtin.c
--- src/builtin.c       14 Jul 2006 20:43:23 -0000      1.1.1.1.2.25
+++ src/builtin.c       17 Jul 2006 16:21:04 -0000
@@ -1657,7 +1657,7 @@
        case '\0':
          M4ERROR ((warning_status, 0, "\
 Warning: trailing \\ ignored in replacement"));
-         break;
+         return;
 
        default:
          obstack_1grow (obs, ch);