bug#34373: 26.1; Missing range check in rx-submatch-n

unofficial mirror of bug-gnu-emacs@gnu.org 
 help / color / mirror / code / Atom feed

* bug#34373: 26.1; Missing range check in rx-submatch-n
@ 2019-02-07 18:01 Mattias Engdegård
       [not found] ` <handler.34373.B.154956253124084.ack@debbugs.gnu.org>
  0 siblings, 1 reply; 6+ messages in thread
From: Mattias Engdegård @ 2019-02-07 18:01 UTC (permalink / raw)
  To: 34373

`rx' should protect its own abstractions and never generate an invalid regexp, but will if given a bad submatch number:

(rx (group-n 0 "x"))
=> "\\(?0:x\\)"

It's a missing range check in rx-submatch-n.

In GNU Emacs 26.1 (build 1, x86_64-apple-darwin14.5.0, NS appkit-1348.17 Version 10.10.5 (Build 14F2511))
 of 2018-05-31 built on builder10-10.porkrind.org
Windowing system distributor 'Apple', version 10.3.1671






^ permalink raw reply	[flat|nested] 6+ messages in thread

[parent not found: <handler.34373.B.154956253124084.ack@debbugs.gnu.org>]

* bug#34373: Acknowledgement (26.1; Missing range check in rx-submatch-n)
       [not found] ` <handler.34373.B.154956253124084.ack@debbugs.gnu.org>
@ 2019-02-07 18:08   ` Mattias Engdegård
  2019-02-08 15:05     ` Andy Moreton
                       ` (2 more replies)
  0 siblings, 3 replies; 6+ messages in thread
From: Mattias Engdegård @ 2019-02-07 18:08 UTC (permalink / raw)
  To: 34373

[-- Attachment #1: Type: text/plain, Size: 8 bytes --]

Patch.


[-- Attachment #2: 0001-Check-validity-of-rx-submatch-n-number.patch --]
[-- Type: application/octet-stream, Size: 982 bytes --]

From cc7bbab39595b117f6f2ed2bcf5ea1782060e574 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mattias=20Engdeg=C3=A5rd?= <mattiase@acm.org>
Date: Thu, 7 Feb 2019 19:05:06 +0100
Subject: [PATCH] Check validity of rx submatch-n number

* lisp/emacs-lisp/rx.el (rx-submatch): Type and range check (Bug#34373).
---
 lisp/emacs-lisp/rx.el | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lisp/emacs-lisp/rx.el b/lisp/emacs-lisp/rx.el
index 8b4551d0d3..d47beed975 100644
--- a/lisp/emacs-lisp/rx.el
+++ b/lisp/emacs-lisp/rx.el
@@ -705,6 +705,8 @@ FORM is either `(repeat N FORM1)' or `(repeat N M FORMS...)'."
 (defun rx-submatch-n (form)
   "Parse and produce code from FORM, which is `(submatch-n N ...)'."
   (let ((n (nth 1 form)))
+    (unless (and (integerp n) (> n 0))
+      (error "rx `submatch-n' argument must be positive"))
     (concat "\\(?" (number-to-string n) ":"
 	    (if (= 3 (length form))
 		;; Only one sub-form.
-- 
2.17.2 (Apple Git-113)


[-- Attachment #3: Type: text/plain, Size: 2 bytes --]




^ permalink raw reply related	[flat|nested] 6+ messages in thread

* bug#34373: Acknowledgement (26.1; Missing range check in rx-submatch-n)
  2019-02-07 18:08   ` bug#34373: Acknowledgement (26.1; Missing range check in rx-submatch-n) Mattias Engdegård
@ 2019-02-08 15:05     ` Andy Moreton
  2019-02-16 11:14     ` Mattias Engdegård
  2019-06-23 18:20     ` Lars Ingebrigtsen
  2 siblings, 0 replies; 6+ messages in thread
From: Andy Moreton @ 2019-02-08 15:05 UTC (permalink / raw)
  To: 34373

On Thu 07 Feb 2019, Mattias Engdegård wrote:

> Patch.
>
> From cc7bbab39595b117f6f2ed2bcf5ea1782060e574 Mon Sep 17 00:00:00 2001
> From: =?UTF-8?q?Mattias=20Engdeg=C3=A5rd?= <mattiase@acm.org>
> Date: Thu, 7 Feb 2019 19:05:06 +0100
> Subject: [PATCH] Check validity of rx submatch-n number
>
> * lisp/emacs-lisp/rx.el (rx-submatch): Type and range check (Bug#34373).
> ---
>  lisp/emacs-lisp/rx.el | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/lisp/emacs-lisp/rx.el b/lisp/emacs-lisp/rx.el
> index 8b4551d0d3..d47beed975 100644
> --- a/lisp/emacs-lisp/rx.el
> +++ b/lisp/emacs-lisp/rx.el
> @@ -705,6 +705,8 @@ FORM is either `(repeat N FORM1)' or `(repeat N M FORMS...)'."
>  (defun rx-submatch-n (form)
>    "Parse and produce code from FORM, which is `(submatch-n N ...)'."
>    (let ((n (nth 1 form)))
> +    (unless (and (integerp n) (> n 0))
> +      (error "rx `submatch-n' argument must be positive"))
>      (concat "\\(?" (number-to-string n) ":"
>  	    (if (= 3 (length form))
>  		;; Only one sub-form.

You could use (natnump n) instead.

    AndyM






^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#34373: Acknowledgement (26.1; Missing range check in rx-submatch-n)
  2019-02-07 18:08   ` bug#34373: Acknowledgement (26.1; Missing range check in rx-submatch-n) Mattias Engdegård
  2019-02-08 15:05     ` Andy Moreton
@ 2019-02-16 11:14     ` Mattias Engdegård
  2019-06-23 18:20     ` Lars Ingebrigtsen
  2 siblings, 0 replies; 6+ messages in thread
From: Mattias Engdegård @ 2019-02-16 11:14 UTC (permalink / raw)
  To: 34373

No, natnump is true for zero but we only want positive integers here.






^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#34373: Acknowledgement (26.1; Missing range check in rx-submatch-n)
  2019-02-07 18:08   ` bug#34373: Acknowledgement (26.1; Missing range check in rx-submatch-n) Mattias Engdegård
  2019-02-08 15:05     ` Andy Moreton
  2019-02-16 11:14     ` Mattias Engdegård
@ 2019-06-23 18:20     ` Lars Ingebrigtsen
  2019-06-23 18:34       ` Mattias Engdegård
  2 siblings, 1 reply; 6+ messages in thread
From: Lars Ingebrigtsen @ 2019-06-23 18:20 UTC (permalink / raw)
  To: Mattias Engdegård; +Cc: 34373

Mattias Engdegård <mattiase@acm.org> writes:

> * lisp/emacs-lisp/rx.el (rx-submatch): Type and range check (Bug#34373).

[...]

>  (defun rx-submatch-n (form)
>    "Parse and produce code from FORM, which is `(submatch-n N ...)'."
>    (let ((n (nth 1 form)))
> +    (unless (and (integerp n) (> n 0))
> +      (error "rx `submatch-n' argument must be positive"))

This looks like an eminently reasonable sanity check to me, but I'm
quite unfamiliar with the rx machinery.  Just push the change?

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no





^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#34373: Acknowledgement (26.1; Missing range check in rx-submatch-n)
  2019-06-23 18:20     ` Lars Ingebrigtsen
@ 2019-06-23 18:34       ` Mattias Engdegård
  0 siblings, 0 replies; 6+ messages in thread
From: Mattias Engdegård @ 2019-06-23 18:34 UTC (permalink / raw)
  To: Lars Ingebrigtsen; +Cc: 34373-done

23 juni 2019 kl. 20.20 skrev Lars Ingebrigtsen <larsi@gnus.org>:
> 
> This looks like an eminently reasonable sanity check to me, but I'm
> quite unfamiliar with the rx machinery.  Just push the change?

Thank you, pushed.






^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2019-06-23 18:34 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-02-07 18:01 bug#34373: 26.1; Missing range check in rx-submatch-n Mattias Engdegård
     [not found] ` <handler.34373.B.154956253124084.ack@debbugs.gnu.org>
2019-02-07 18:08   ` bug#34373: Acknowledgement (26.1; Missing range check in rx-submatch-n) Mattias Engdegård
2019-02-08 15:05     ` Andy Moreton
2019-02-16 11:14     ` Mattias Engdegård
2019-06-23 18:20     ` Lars Ingebrigtsen
2019-06-23 18:34       ` Mattias Engdegård

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/emacs.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).