1*98875883SSimon J. Gerraty# $NetBSD: parse.mk,v 1.7 2023/08/19 11:09:02 rillig Exp $ 29f45a3c8SSimon J. Gerraty# 39f45a3c8SSimon J. Gerraty# Test those parts of the parsing that do not belong in any of the other 49f45a3c8SSimon J. Gerraty# categories. 59f45a3c8SSimon J. Gerraty 6*98875883SSimon J. Gerraty# expect+1: Invalid line '<<<<<< old' 79f45a3c8SSimon J. Gerraty<<<<<< old 89f45a3c8SSimon J. Gerraty 99f45a3c8SSimon J. Gerraty# No diagnostic since the following line is parsed as a variable assignment, 109f45a3c8SSimon J. Gerraty# even though the variable name is empty. See also varname-empty.mk. 119f45a3c8SSimon J. Gerraty====== middle 129f45a3c8SSimon J. Gerraty 13*98875883SSimon J. Gerraty# expect+1: Invalid line '>>>>>> new' 149f45a3c8SSimon J. Gerraty>>>>>> new 15954401e6SSimon J. Gerraty 16954401e6SSimon J. Gerraty 17954401e6SSimon J. Gerraty# Since parse.c 1.578 from 2021-12-14 and before parse.c 1.681 from 18954401e6SSimon J. Gerraty# 2022-07-24, if a line of a makefile could only be a dependency specification 19954401e6SSimon J. Gerraty# but didn't contain any of the dependency operators ':', '!', '::' and its 20954401e6SSimon J. Gerraty# expansion ended with a space, make read a single byte from the memory beyond 21954401e6SSimon J. Gerraty# the expanded line's terminating '\0'. 22954401e6SSimon J. Gerraty# 23954401e6SSimon J. Gerraty# https://bugs.freebsd.org/265119 24*98875883SSimon J. Gerraty# expect+1: Invalid line 'one-target ${:U }', expanded to 'one-target ' 25954401e6SSimon J. Gerratyone-target ${:U } 26c1d01b5fSSimon J. Gerraty 27c1d01b5fSSimon J. Gerraty 28c1d01b5fSSimon J. Gerraty# Since parse.c 1.656 from 2022-01-27 and before parse.c 1.662 from 29c1d01b5fSSimon J. Gerraty# 2022-02-05, there was an out-of-bounds read in Parse_IsVar when looking for 30c1d01b5fSSimon J. Gerraty# a variable assignment in a dependency line with trailing whitespace. Lines 31c1d01b5fSSimon J. Gerraty# without trailing whitespace were not affected. Global variable assignments 32c1d01b5fSSimon J. Gerraty# were guaranteed to have no trailing whitespace and were thus not affected. 33c1d01b5fSSimon J. Gerraty# 34c1d01b5fSSimon J. Gerraty# Try to reproduce some variants that may lead to a crash, depending on the 35c1d01b5fSSimon J. Gerraty# memory allocator. To get a crash, the terminating '\0' of the line must be 36c1d01b5fSSimon J. Gerraty# the last byte of a memory page. The expression '${:U}' forces this trailing 37c1d01b5fSSimon J. Gerraty# whitespace. 38c1d01b5fSSimon J. Gerraty 39c1d01b5fSSimon J. Gerraty# On FreeBSD x86_64, a crash could in some cases be forced using the following 40c1d01b5fSSimon J. Gerraty# line, which has length 47, and if the memory for the expanded line starts at 41c1d01b5fSSimon J. Gerraty# 0xXXXX_XXd0, the terminating '\0' may end up at 0xXXXX_Xfff: 42c1d01b5fSSimon J. GerratyTry_to_crash_FreeBSD.xxxxxxxxxxxxxxxxxx: 12345 ${:U} 43c1d01b5fSSimon J. Gerraty 44c1d01b5fSSimon J. Gerraty# The following line has length 4095 after being expanded, so line[4095] == 45c1d01b5fSSimon J. Gerraty# '\0'. If the line is 46c1d01b5fSSimon J. Gerraty# allocated on a page boundary and the following page is not mapped, this line 47c1d01b5fSSimon J. Gerraty# leads to a segmentation fault. 48c1d01b5fSSimon J. Gerraty${:U:range=511:@_@1234567@:ts.}: 12345 ${:U} 49c1d01b5fSSimon J. Gerraty 50c1d01b5fSSimon J. Gerraty# The following line has length 8191, so line[8191] == '\0'. If the line is 51c1d01b5fSSimon J. Gerraty# allocated on a page boundary and the following page is not mapped, this line 52c1d01b5fSSimon J. Gerraty# leads to a segmentation fault. 53c1d01b5fSSimon J. Gerraty${:U:range=1023:@_@1234567@:ts.}: 12345 ${:U} 54c1d01b5fSSimon J. Gerraty 55c1d01b5fSSimon J. Gerraty12345: 56