[Midnightbsd-cvs] src: skeleton.c: Fix a security issue with yacc.
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Sat Jul 12 14:42:50 EDT 2008
Log Message:
-----------
Fix a security issue with yacc.
Obtained from DragonFly.
Modified Files:
--------------
src/usr.bin/yacc:
skeleton.c (r1.1.1.1 -> r1.2)
-------------- next part --------------
Index: skeleton.c
===================================================================
RCS file: /home/cvs/src/usr.bin/yacc/skeleton.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -L usr.bin/yacc/skeleton.c -L usr.bin/yacc/skeleton.c -u -r1.1.1.1 -r1.2
--- usr.bin/yacc/skeleton.c
+++ usr.bin/yacc/skeleton.c
@@ -60,6 +60,7 @@
const char *banner[] =
{
"#include <stdlib.h>",
+ "#include <string.h>",
"#ifndef lint",
"#ifdef __unused",
"__unused",
@@ -331,6 +332,10 @@
" YYPREFIX, yystate, yyn, yyrule[yyn]);",
"#endif",
" yym = yylen[yyn];",
+ " if (yym)",
+ " yyval = yyvsp[1-yym];",
+ " else",
+ " memset(&yyval, 0, sizeof yyval);",
" yyval = yyvsp[1-yym];",
" switch (yyn)",
" {",
More information about the Midnightbsd-cvs
mailing list