summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorIngo Schwarze <schwarze@cvs.openbsd.org>2016-08-30 21:59:00 +0000
committerIngo Schwarze <schwarze@cvs.openbsd.org>2016-08-30 21:59:00 +0000
commit69d1f3ce4ed01b31e0a825c23e7375d21a4b31ae (patch)
tree026d458b2fd3b9b1cad984247c8ed68fcbd59e46
parentefeeff74d09032b7affa7b2983893cb44e773667 (diff)
When the database is corrupt in the sense of containing invalid
pointers in the pages table, do not access NULL pointers, but gracefully handle the errors. Similar patches will be needed for the macro tables, too. <attila at stalphonsos dot com> audited the code and pointed out to me that dbm_get() can return NULL for corrupted databases, but that isn't handled properly at various places.
-rw-r--r--usr.bin/mandoc/dbm.c18
1 files changed, 16 insertions, 2 deletions
diff --git a/usr.bin/mandoc/dbm.c b/usr.bin/mandoc/dbm.c
index 3334a2ce366..e4c707bcacc 100644
--- a/usr.bin/mandoc/dbm.c
+++ b/usr.bin/mandoc/dbm.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dbm.c,v 1.1 2016/08/01 10:32:39 schwarze Exp $ */
+/* $OpenBSD: dbm.c,v 1.2 2016/08/30 21:58:59 schwarze Exp $ */
/*
* Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
*
@@ -140,10 +140,18 @@ dbm_page_get(int32_t ip)
assert(ip >= 0);
assert(ip < npages);
res.name = dbm_get(pages[ip].name);
+ if (res.name == NULL)
+ res.name = "(NULL)";
res.sect = dbm_get(pages[ip].sect);
+ if (res.sect == NULL)
+ res.sect = "(NULL)";
res.arch = pages[ip].arch ? dbm_get(pages[ip].arch) : NULL;
res.desc = dbm_get(pages[ip].desc);
+ if (res.desc == NULL)
+ res.desc = "(NULL)";
res.file = dbm_get(pages[ip].file);
+ if (res.file == NULL)
+ res.file = " (NULL)";
res.addr = dbm_addr(pages + ip);
return &res;
}
@@ -240,7 +248,13 @@ page_bytitle(enum iter arg_iter, const struct dbm_match *arg_match)
default:
abort();
}
- ip = 0;
+ if (cp == NULL) {
+ iteration = ITER_NONE;
+ match = NULL;
+ cp = NULL;
+ ip = npages;
+ } else
+ ip = 0;
return res;
}