crashappsec / libcon4m

Base Compiler and Runtime Support for con4m
Apache License 2.0

SIGSEGV: unpaired string delimiter or character delimiter #59

Closed ee7 closed 3 months ago

ee7 commented 3 months ago

With:

The .c4m file:

x = "

when run with c4test (via c4m_extract_kat) produces the ASan output:

ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x64299a7cdeec bp 0x7ffe1791d570 sp 0x7ffe1791d4e0 T0)
The signal is caused by a READ memory access.
Hint: address points to the zero page.
SCARINESS: 10 (null-deref)
    #0 0x64299a7cdeec in c4m_xlist_append libcon4m/debug/../src/con4m/xlist.c:64:15
    #1 0x64299a8f55f4 in fill_lex_error libcon4m/debug/../src/con4m/compiler/lex.c:284:5
    #2 0x64299a8f8024 in scan_string_literal libcon4m/debug/../src/con4m/compiler/lex.c:578:13
    #3 0x64299a8f16ac in lex libcon4m/debug/../src/con4m/compiler/lex.c:1094:13
    #4 0x64299a8ef371 in c4m_lex libcon4m/debug/../src/con4m/compiler/lex.c:1165:9
    #5 0x64299a7811b6 in c4m_extract_kat libcon4m/debug/../src/tests/test.c:115:5
    #6 0x64299a780730 in build_file_list libcon4m/debug/../src/tests/test.c:239:19
    #7 0x64299a783ed7 in main libcon4m/debug/../src/tests/test.c:501:40

and similarly:

x = '

produces:

ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x6504391b8eec bp 0x7fff70e2b9d0 sp 0x7fff70e2b940 T0)
The signal is caused by a READ memory access.
Hint: address points to the zero page.
SCARINESS: 10 (null-deref)
    #0 0x6504391b8eec in c4m_xlist_append libcon4m/debug/../src/con4m/xlist.c:64:15
    #1 0x6504392e05f4 in fill_lex_error libcon4m/debug/../src/con4m/compiler/lex.c:284:5
    #2 0x6504392e2a95 in scan_char_literal libcon4m/debug/../src/con4m/compiler/lex.c:617:9
    #3 0x6504392dc697 in lex libcon4m/debug/../src/con4m/compiler/lex.c:1091:13
    #4 0x6504392da371 in c4m_lex libcon4m/debug/../src/con4m/compiler/lex.c:1165:9
    #5 0x65043916c1b6 in c4m_extract_kat libcon4m/debug/../src/tests/test.c:115:5
    #6 0x65043916b730 in build_file_list libcon4m/debug/../src/tests/test.c:239:19
    #7 0x65043916eed7 in main libcon4m/debug/../src/tests/test.c:501:40

and while I'm here, the same happens for e.g.

/* multi-line comment without termination
x = @
x = \

or simply e.g.

"
viega commented 3 months ago

This was because the list for errors during lex was never initialized; fixed in branch and will close out when merged.
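The crash in the traces above is a null dereference when the lexer tries to append an "unpaired delimiter" error to an error list that was never created. The following is an added illustration, not libcon4m's own code: a toy lexer whose error-recording path creates the list on first use, so that each of the inputs from the report (`x = "`, `x = '`, an unterminated `/*` comment, a bare `"`) is reported as a lex error instead of faulting. All names (`lex_ctx`, `lex_error_append`, `toy_lex_error_count`) are hypothetical and the input samples are constructed from the ones quoted in the issue.

```c
// Added example (hypothetical names, not libcon4m code): a toy lexer that
// initializes its error list before the first append, so an unpaired string
// or character delimiter produces a recorded error rather than a NULL deref.
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct {
    char **msgs;        // recorded error messages
    size_t len, cap;
} error_list;

typedef struct {
    const char *src;    // source text being lexed
    size_t pos;         // current offset into src
    error_list *errors; // NULL until first use: the state the crash hit
} lex_ctx;

static char *dup_str(const char *s) {
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    if (p) memcpy(p, s, n);
    return p;
}

// Append a message; if the list does not exist yet, create it now. This is
// the guard (or the missing up-front initialization) that the trace lacks.
static int lex_error_append(lex_ctx *ctx, const char *msg) {
    if (ctx->errors == NULL) {
        ctx->errors = calloc(1, sizeof *ctx->errors);
        if (ctx->errors == NULL) return -1;
    }
    error_list *l = ctx->errors;
    if (l->len == l->cap) {
        size_t ncap = l->cap ? l->cap * 2 : 4;
        char **n = realloc(l->msgs, ncap * sizeof *n);
        if (n == NULL) return -1;
        l->msgs = n;
        l->cap = ncap;
    }
    l->msgs[l->len++] = dup_str(msg);
    return 0;
}

// Scan from an opening " or ' to its pair on the same line; on newline or
// end of input, record an error instead of reading past the buffer.
static void scan_delimited(lex_ctx *ctx, char delim) {
    const char *s = ctx->src;
    size_t i = ctx->pos + 1; // skip the opening delimiter
    while (s[i] != '\0' && s[i] != '\n') {
        if (s[i] == '\\' && s[i + 1] != '\0') { i += 2; continue; } // escape
        if (s[i] == delim) { ctx->pos = i + 1; return; }
        i++;
    }
    lex_error_append(ctx, delim == '"' ? "unpaired string delimiter"
                                       : "unpaired character delimiter");
    ctx->pos = i;
}

// Scan a block comment; an unterminated one is an error at end of input.
static void scan_block_comment(lex_ctx *ctx) {
    const char *s = ctx->src;
    size_t i = ctx->pos + 2; // skip "/*"
    while (s[i] != '\0') {
        if (s[i] == '*' && s[i + 1] == '/') { ctx->pos = i + 2; return; }
        i++;
    }
    lex_error_append(ctx, "unterminated block comment");
    ctx->pos = i;
}

// Lex the whole buffer and return how many errors were recorded.
int toy_lex_error_count(const char *src) {
    lex_ctx ctx = { .src = src, .pos = 0, .errors = NULL };
    while (src[ctx.pos] != '\0') {
        char c = src[ctx.pos];
        if (c == '"' || c == '\'')                     scan_delimited(&ctx, c);
        else if (c == '/' && src[ctx.pos + 1] == '*')  scan_block_comment(&ctx);
        else                                           ctx.pos++;
    }
    int n = 0;
    if (ctx.errors) {
        n = (int)ctx.errors->len;
        for (size_t k = 0; k < ctx.errors->len; k++) free(ctx.errors->msgs[k]);
        free(ctx.errors->msgs);
        free(ctx.errors);
    }
    return n;
}

int main(void) {
    // Constructed inputs mirroring the ones in the report.
    const char *inputs[] = { "x = \"\n", "x = '\n", "/* never closed\n", "\"", "x = \"ok\"\n" };
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++)
        printf("%d error(s) in: %s\n", toy_lex_error_count(inputs[i]), inputs[i]);
    return 0;
}
```

The point of the lazy creation inside `lex_error_append` is that the error path is the one least likely to be exercised by happy-path tests, so it is exactly where an uninitialized-list bug survives; creating the list at context setup (as the fix on the branch does) or guarding the append, as here, both close it. A regression test feeding each malformed input from the report and asserting on the error count, rather than on the absence of a crash, catches the defect either way.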