Permalink
Browse files

Disallow setting NF and past 1,000,000 (fuzzer found this)

  • Loading branch information...
benhoyt committed Sep 15, 2018
1 parent 97b6ec7 commit b09e51f64689e12c466e951ed1b8add17742be9f
Showing with 19 additions and 5 deletions.
  1. +6 −1 goawk.go
  2. +1 −1 goawk_test.go
  3. +10 −3 interp/interp.go
  4. +2 −0 interp/interp_test.go
@@ -29,7 +29,12 @@ package main

/*
TODO:
- fix crash with: BEGIN { print |"1"; getline <"1" } # also print >"1"
+ add tests for print pipe/redirect/getline
- timeout / infinite loop why?
BEGIN { x[x[x[x[--x[FS = (FS FS)]]--]--]--]-- }
- performance testing: I/O, allocations, CPU
+ resolve array variables at parse time (by index instead of name)
+ resolve array parameters to functions at parse time and clean up userCall
@@ -81,7 +86,7 @@ ISSUE - discrepancy against gawk on Windows:
%: scj ... 10409 10409 scj 0 0 0 ⢩ s
%: rhm ... 10252 10252 rhm 0 0 0 ⠌ r
*/
*/// This comment intentionally left blank

import (
"bytes"
@@ -68,7 +68,7 @@ func TestAWK(t *testing.T) {
"t.intest2": true,
}
dontRunOnWindows := map[string]bool{
"p.50": true, // because this pipes to Unix sort "sort -t: +0 -1 +2nr"
"p.50": true, // because this pipes to Unix sort "sort -t: +0 -1 +2nr"
"t.printf2": true, // until we fix discrepancies here
}

@@ -112,6 +112,7 @@ type interp struct {
const (
maxCachedRegexes = 100
maxRecordLength = 10 * 1024 * 1024 // 10MB seems like plenty
maxFieldIndex = 1000000
initialStackSize = 100
outputBufSize = 64 * 1024
stderrBufSize = 4 * 1024
@@ -1093,6 +1094,9 @@ func (p *interp) setVar(index int, v value) error {
if numFields < 0 {
return newError("NF set to negative value: %d", numFields)
}
if numFields > maxFieldIndex {
return newError("NF set too large: %d", numFields)
}
p.numFields = numFields
if p.numFields < len(p.fields) {
p.fields = p.fields[:p.numFields]
@@ -1183,13 +1187,16 @@ func (p *interp) getField(index int) (value, error) {

// setField sets a single field, equivalent to "$index = value".
func (p *interp) setField(index int, value string) error {
if index < 0 {
return newError("field index negative: %d", index)
}
if index == 0 {
p.setLine(value)
return nil
}
if index < 0 {
return newError("field index negative: %d", index)
}
if index > maxFieldIndex {
return newError("field index too large: %d", index)
}
for i := len(p.fields); i < index; i++ {
p.fields = append(p.fields, "")
}
@@ -228,6 +228,8 @@ BEGIN {
{`{ print $-1 }`, "x", "", "field index negative: -1", "field -1"},
{`{ NF=-1; } # !awk - awk allows setting negative NF`,
"x", "", "NF set to negative value: -1", "negative value"},
{`{ NF=1234567; }`, "x", "", "NF set too large: 1234567", ""},
{`BEGIN { $1234567=1 }`, "", "", "field index too large: 1234567", ""},

// Lots of NF tests with different combinations of NF, $, and number
// of input fields. Some of these cause segmentation faults on awk

0 comments on commit b09e51f

Please sign in to comment.