From 1fed234f9faf1071d925434c5e9c14688fb4c77e Mon Sep 17 00:00:00 2001
From: Tom Lane
Date: Thu, 17 Oct 2024 15:28:32 -0400
Subject: [PATCH] ecpg: fix more minor mishandling of bad input in preprocessor.

Don't get confused by an unmatched right brace in the input. (Previously, this led to discarding information about file-level variables and then possibly crashing.) Detect, rather than crash on, an attempt to index into a non-array variable. As before, in the absence of field complaints I'm not too excited about back-patching these. Per valgrind testing by Alexander Lakhin. Discussion: https://postgr.es/m/a239aec2-6c79-5fc9-9272-cea41158a360@gmail.com
---
 src/interfaces/ecpg/preproc/ecpg.trailer | 13 ++++++++-----
 src/interfaces/ecpg/preproc/variable.c | 3 ++-
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/src/interfaces/ecpg/preproc/ecpg.trailer b/src/interfaces/ecpg/preproc/ecpg.trailer
index e466668ea2..424903f76e 100644
--- a/src/interfaces/ecpg/preproc/ecpg.trailer
+++ b/src/interfaces/ecpg/preproc/ecpg.trailer
@@ -43,12 +43,15 @@ statement: ecpgstart at toplevel_stmt ';'
 }
 | '}'
 {
- remove_typedefs(braces_open);
- remove_variables(braces_open--);
- if (braces_open == 0)
+ if (braces_open > 0)
 {
- free(current_function);
- current_function = NULL;
+ remove_typedefs(braces_open);
+ remove_variables(braces_open);
+ if (--braces_open == 0)
+ {
+ free(current_function);
+ current_function = NULL;
+ }
 }
 fputs("}", base_yyout);
 }
diff --git a/src/interfaces/ecpg/preproc/variable.c b/src/interfaces/ecpg/preproc/variable.c
index a4294b8f0f..ac80d2c020 100644
--- a/src/interfaces/ecpg/preproc/variable.c
+++ b/src/interfaces/ecpg/preproc/variable.c
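Review bot: The new `if (braces_open > 0)` guard in the `'}'` action skips the scope cleanup for an unmatched brace without a comment saying so, and the `}` is still written to `base_yyout` with no diagnostic from the preprocessor. A short comment above the guard would record the intent, for example `/* unmatched '}': keep file-level variables and leave the complaint to the C compiler */`; the second half is my reading of the commit message, so adjust it if a preprocessor warning is wanted instead. Going by the diffstat, the patch also adds no regression input for this case. The `statement` rule this action belongs to starts and continues outside the hunk.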
@@ -233,7 +233,8 @@ find_variable(const char *name)
 p = find_simple(name);
 if (p == NULL)
 mmfatal(PARSE_ERROR, "variable \"%s\" is not declared", name);
-
+ if (p->type->type != ECPGt_array)
+ mmfatal(PARSE_ERROR, "variable \"%s\" is not a pointer", name);
 *next = c;
 switch (p->type->u.element->type)
 {
-- 
2.39.5
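Review bot: The added check in find_variable reports `is not a pointer` although the condition is `p->type->type != ECPGt_array` and the commit message describes the case as indexing a non-array variable, so the message does not name what was actually tested. If the wording is reused on purpose (for example to share an existing translatable string), a comment should say so; otherwise consider `"variable \"%s\" is not an array"`. It would also help to record why the check sits here, e.g. `/* u.element is presumably only valid for ECPGt_array; check before the switch reads it */`. The guard depends on mmfatal() not returning, as the `p == NULL` check above it already does. find_variable's body starts and ends outside the hunk.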