>From 46bdd627ff522193134d31bdfd3ac4e4fddb5975 Mon Sep 17 00:00:00 2001
From: Paul Eggert
Date: Sun, 13 Sep 2020 18:40:08 -0700
Subject: [PATCH 7/7] dfa: avoid use of uninitialized constraint

* lib/dfa.c (merge_nfa_state): Do not initialize the constraint
to zero here.
(dfaoptimize): Do it here instead, via xcalloc. This prevents the
use of an uninitialized constraint by later code when ! (flags[i]
& OPT_QUEUED) means merge_nfa_state was not called to initialize
the constraint. Problem found by running 'valgrind src/grep -E
'(^| )*(a|b)*(c|d)*( |$)' < /dev/null' on Ubuntu 18.04.5 x86-64.
---
 ChangeLog | 9 +++++++++
 lib/dfa.c | 4 +---
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 5f7a148e3..395ac6baf 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,14 @@
 2020-09-13 Paul Eggert
+ dfa: avoid use of uninitialized constraint
+ * lib/dfa.c (merge_nfa_state): Do not initialize the constraint
+ to zero here.
+ (dfaoptimize): Do it here instead, via xcalloc. This prevents the
+ use of an uninitialized constraint by later code when ! (flags[i]
+ & OPT_QUEUED) means merge_nfa_state was not called to initialize
+ the constraint. Problem found by running 'valgrind src/grep -E
+ '(^| )*(a|b)*(c|d)*( |$)' < /dev/null' on Ubuntu 18.04.5 x86-64.
+
 dfa: assume C99 in reorder_tokens
 * lib/dfa.c (reorder_tokens): Assume C99 and simplify.
diff --git a/lib/dfa.c b/lib/dfa.c
index 0fa9958fd..746c7b568 100644
--- a/lib/dfa.c
+++ b/lib/dfa.c
@@ -2428,8 +2428,6 @@ merge_nfa_state (struct dfa *d, idx_t tindex, char *flags,
 position_set *follows = d->follows;
 idx_t nelem = 0;
- d->constraints[tindex] = 0;
-
 for (idx_t i = 0; i < follows[tindex].nelem; i++)
 {
 idx_t sindex = follows[tindex].elems[i].index;
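Review bot: With `d->constraints[tindex] = 0;` removed, merge_nfa_state now carries an unstated precondition that its caller has zero-filled `d->constraints`, and nothing at the function records that the zeroing moved to dfaoptimize's xcalloc in the next hunk. A comment where the assignment used to be would keep the two sites from drifting apart, e.g. `/* d->constraints[tindex] is assumed to be zero on entry; dfaoptimize allocates the array with xcalloc, so it is no longer reset here.  */`. If the later code accumulates into the constraint rather than assigning it (the ChangeLog wording suggests merge_nfa_state "initializes" it, but the update itself is outside the hunk), calling the function twice for the same tindex would now compound instead of restart, which the comment should also say. The valgrind invocation quoted in the commit message is a natural regression check for this uninitialized-read class of bug and worth keeping alongside the fix. merge_nfa_state's body continues beyond the hunk.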
@@ -2581,7 +2579,7 @@ dfaoptimize (struct dfa *d)
 position_set *merged = &merged0;
 alloc_position_set (merged, d->nleaves);
- d->constraints = xnmalloc (d->tindex, sizeof *d->constraints);
+ d->constraints = xcalloc (d->tindex, sizeof *d->constraints);
 for (idx_t i = 0; i < d->tindex; i++)
 if (flags[i] & OPT_QUEUED)
--
2.17.1
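Review bot: The switch from xnmalloc to xcalloc on the `d->constraints` allocation is load-bearing, not cosmetic, and a future reader optimizing allocations could revert it without noticing; the line deserves a why-comment such as `/* xcalloc, not xnmalloc: entries whose flags lack OPT_QUEUED are never passed to merge_nfa_state, yet later code reads their constraint, so they must start out zero.  */`. The loop body that decides which entries reach merge_nfa_state starts at the end of the hunk and continues outside it, so the claim about unqueued entries rests on the commit message rather than visible code.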