Bug 26619

Summary: m4 silently truncates long lines
Product: Base System Reporter: gshapiro+FreeBSD-gnats <gshapiro+FreeBSD-gnats>
Component: binAssignee: Gregory Neil Shapiro <gshapiro>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Unspecified   
Hardware: Any   
OS: Any   

Description gshapiro+FreeBSD-gnats 2001-04-16 20:00:02 UTC 
m4 will silently truncate long strings on some operations leaving the data
corrupted.

How-To-Repeat: 
The m4 file below demonstrates the problem.  Note that after running it with:

m4 test.m4

The output shows SameList has been truncated without an error from m4.

Here is test.m4:

define(`LongList', ` assert.c debug.c exc.c heap.c match.c rpool.c strdup.c strerror.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c rget.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c syslogio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c vsprintf.c vsscanf.c wbuf.c wsetup.c stringf.c xtrap.c strto.c test.c path.c strcasecmp.c signal.c clock.c config.c shm.c ')dnl
define(`SameList', `substr(LongList, 0, index(LongList, `.'))`'substr(LongList, index(LongList, `.'))')dnl
Long`'List is: LongList

Same`'List is: SameList

ifelse(len(LongList), len(SameList), `',
`errprint(`This version of m4 is broken: length problem')')dnl
Comment 1 Kris Kennaway 2001-05-06 06:39:16 UTC 
On Mon, Apr 16, 2001 at 11:57:11AM -0700, gshapiro+FreeBSD-gnats@gshapiro.net wrote:

> >Description:
> m4 will silently truncate long strings on some operations leaving the data
> corrupted.

Any luck at identifying where the problem lies, or a fix?

Kris
Comment 2 Gregory Neil Shapiro freebsd_committer freebsd_triage 2001-05-09 17:20:10 UTC 
>> >Description:
>> m4 will silently truncate long strings on some operations leaving the data
>> corrupted.

kris> Any luck at identifying where the problem lies, or a fix?

I have a fix but since I am not an expert on the m4 internals (damn, should
have taken compilers in college), I didn't want to blindly commit it.  This
fixes the problem (to be honest, it's changes the problem from 512
characters to 4096 characters).  However, I don't know if it introduces any
side effects.  It may be possible that some of the code was depending on
MAXSTR being 512 and changing it introduces a buffer overflow.

Index: mdef.h
===================================================================
RCS file: /src/FreeBSD/cvsrepo/src/usr.bin/m4/mdef.h,v
retrieving revision 1.3
diff -u -r1.3 mdef.h
--- mdef.h	1995/05/30 06:31:35	1.3
+++ mdef.h	2001/05/09 16:17:55
@@ -96,7 +96,7 @@
 #define EOS             (char) 0
 #define MAXINP          10              /* maximum include files   */
 #define MAXOUT          10              /* maximum # of diversions */
-#define MAXSTR          512             /* maximum size of string  */
+#define MAXSTR          4096            /* maximum size of string  */
 #define BUFSIZE         4096            /* size of pushback buffer */
 #define STACKMAX        1024            /* size of call stack      */
 #define STRSPMAX        4096            /* size of string space    */
Comment 3 Gregory Neil Shapiro freebsd_committer freebsd_triage 2001-05-18 19:41:07 UTC 
State Changed
From-To: open->feedback

A patch from Mark Peek <mark-ml@whistle.com> has been applied to -CURRENT. 
The PR will be closed when the patch is applied to -STABLE (RELENG_4).
Comment 4 Gregory Neil Shapiro freebsd_committer freebsd_triage 2001-05-18 19:41:07 UTC 
Responsible Changed
From-To: freebsd-bugs->gshapiro

In a strange twist of fate, even though I am the submitter, a patch was given 
to me which fixes the problem so I am now responsible for committing the fix.
Comment 5 Gregory Neil Shapiro freebsd_committer freebsd_triage 2001-05-24 21:52:55 UTC 
State Changed
From-To: feedback->closed

The changes have been committed to -STABLE (RELENG_4).