Message ID | 20090425130343.3df87cbb@notas (mailing list archive)
---|---
State | Superseded, archived
On Sat, Apr 25, 2009 at 4:03 AM, Martin Nagy <mnagy@redhat.com> wrote:
>
> We weren't checking if the initializer isn't NULL, which caused sparse
> to segfault later on when performing lazy evaluation in classify_type().
>
> Signed-off-by: Martin Nagy <nagy.martin@gmail.com>
> ---
>  parse.c |   17 +++++++++++------
>  1 files changed, 11 insertions(+), 6 deletions(-)
>
> diff --git a/parse.c b/parse.c
> index 9662122..18cfaef 100644
> --- a/parse.c
> +++ b/parse.c
> @@ -924,12 +924,17 @@ static struct token *typeof_specifier(struct token *token, struct decl_state *ct
>                 ctx->ctype.base_type = sym->ctype.base_type;
>                 apply_ctype(token->pos, &sym->ctype, &ctx->ctype);
>         } else {
> -               struct symbol *typeof_sym = alloc_symbol(token->pos, SYM_TYPEOF);
> -               token = parse_expression(token->next, &typeof_sym->initializer);
> -
> -               typeof_sym->endpos = token->pos;
> -               ctx->ctype.base_type = typeof_sym;
> -       }
> +               struct expression *expr;

I think you want expr = NULL here. Otherwise if(expr) will pick up crap.

I would just add two lines after "token = parse_expression(token->next, &typeof_sym->initializer);"

    if (!type->initializer)
        sparse_error(token->pos, "expected expression after the '(' token");

If there is a compile error, sparse should not continue the later stage anyway.

BTW, can you add a validation test case which will trigger the bug?

Thanks

Chris
diff --git a/parse.c b/parse.c index 9662122..18cfaef 100644 --- a/parse.c +++ b/parse.c @@ -924,12 +924,17 @@ static struct token *typeof_specifier(struct token *token, struct decl_state *ct ctx->ctype.base_type = sym->ctype.base_type; apply_ctype(token->pos, &sym->ctype, &ctx->ctype); } else { - struct symbol *typeof_sym = alloc_symbol(token->pos, SYM_TYPEOF); - token = parse_expression(token->next, &typeof_sym->initializer); - - typeof_sym->endpos = token->pos; - ctx->ctype.base_type = typeof_sym; - } + struct expression *expr; + token = parse_expression(token->next, &expr); + if (expr) { + struct symbol *typeof_sym = alloc_symbol(token->pos, SYM_TYPEOF); + typeof_sym->endpos = token->pos; + typeof_sym->initializer = expr; + ctx->ctype.base_type = typeof_sym; + } else { + sparse_error(token->pos, "expected expression after the '(' token"); + } + } return expect(token, ')', "after typeof"); }
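Review bot: `struct expression *expr;` is declared without an initializer, so the `if (expr)` check that follows relies on `parse_expression()` storing to `*expr` on every path, including the one where no expression is found; writing `struct expression *expr = NULL;` makes the NULL test hold regardless of what the callee does on that path. In the `else` branch the function reports the error and still falls through to `return expect(token, ')', "after typeof");` with `ctx->ctype.base_type` left untouched, which is fine for a diagnostic-then-stop flow, but since the stated goal is to turn a segfault in `classify_type()` into an error, a validation test with an empty `typeof()` would pin that behaviour down, as was already asked for in the thread.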
We weren't checking if the initializer isn't NULL, which caused sparse
to segfault later on when performing lazy evaluation in classify_type().

Signed-off-by: Martin Nagy <nagy.martin@gmail.com>
---
 parse.c |   17 +++++++++++------
 1 files changed, 11 insertions(+), 6 deletions(-)